Line Mode

A link blog by two friends of the web, Geoff and Jay.

W3C

  • Geoff

    W3C Privacy Principles

    www.w3.org

    Yes, yes, it’s Global Accessibility Awareness Day. While that’s deservedly today’s focal point, it shouldn’t go unnoticed that the W3C published a set of Privacy Principles as well:

    This document is intended to help its audiences address privacy concerns as early as possible in the life cycle of a new web standard or feature, or in the development of web products. Beginning with privacy in mind will help avoid the need to add special cases later to address unforeseen but predictable issues or to build systems that turn out to be unacceptable to users.

    There are 30 principles (and sub-principles) in all. A few choice selections, starting with restricting the sort of data that is transferred around to what’s strictly necessary:

    • Principle 2.2.1Sitesuser agents, and other actors should restrict the data they transfer to what’s either necessary to achieve their users’ goals or aligns with their users’ wishes and interests.

    People have rights when the data is about them:

    This one’s particularly damning to browsers and marketers:

    Principle 2.9.2User agents and sites must take steps to protect their users from abusive behaviour, and abuse mitigation must be considered when designing web platform features.

    And let’s ditch legal jargon when explaining how data is handled:

    Principle 2.11.2: Information about privacy-relevant practices should be provided in both easily accessible plain language form and in machine-readable form.

    How many times have you agreed to or confirmed cookie notices? Wouldn’t it be great to have access to your choices after the fact?

    Principle 2.12.3: It should be as easy for a person to check what consent they have given, to withdraw consent, or to opt out or object, as to give consent.

    Lastly, let’s make sure we don’t punish someone for wanting to protect their privacy:

    Principle 2.14Actors must not retaliate against people who protect their data against non-essential processing or exercise rights over their data.

    0

  • Geoff

    Third Party Cookies Must Be Removed

    w3ctag.github.io

    W3C Technical Architecture Group:

    Third-party (AKA cross-site) cookies are harmful to the web, and must be removed from the web platform. 

    […]

    We are strongly in favor of innovations to build sustainable business models on the web platform, but an in-depth discussion of the various possibilities are outside of the scope of this document. From an architectural standpoint, web standards should avoid encoding particular business models that are available to authors, publishers, and web content creators.

    Them are some strong words from the W3C that leave no doubt about their opinion to remove third-party cookies from the web. We recently noted that Google is sidestepping COPPA regulations. Something tells me the W3C is publishing this in response to Google dropping its own plans to remove third-party cookies from Chrome. Let the battle begin!

    0