Update Protection to clarify user control and access protection #9
Conversation
csarven
force-pushed
the
user-control-access-protection
branch
from
7ee6300 to
0e52237
Compare
There was a problem hiding this comment.
I'm not sure this does clarify things. A couple TAGs ago produced https://github.com/w3ctag/process/blob/master/style-guide.md to guide what we write, and following it is the hardest thing about writing TAG documents. Ethical Web Principles succeeds, I think, and the Privacy Principles fail. I've left some comments about the detailed wording, but maybe we should step back and think about what problems you're trying to fix with this change?
…minimization for individuals Resolves: * https://github.com/w3ctag/user-agents/pull/9/files#r1972921301
…principles Resolves: * https://github.com/w3ctag/user-agents/pull/9/files#r1972924144 Co-authored-by: Jeffrey Yasskin <[email protected]>
csarven
force-pushed
the
user-control-access-protection
branch
from
2b76aa5 to
a54d0b5
Compare
Co-authored-by: Dan Clark <[email protected]>
| Specifically, visiting a page must not allow it to make changes to the user's computer or environment, | ||
| such as installing software, accessing hardware, | ||
| or exposing sensitive information without clear user intent. | ||
| Additionally, user agents must prevent web pages from tracking individuals unless they have explicitly enabled it. |
There was a problem hiding this comment.
New pgf here for the new concept? Privacy and host security are pretty distinct ideas. I'd almost reorder the entire section on that basis (deal with host security stuff with pgf 1 part 1 and pgf 3; then deal with privacy with pgf 1 part 2 and pgf 2...
This PR refines common protections expected from a user agent and clarifies considerations around user consent.
Preview | Diff