Present: Jeffrey, Robin, Amy, Dan, Nick, Pete, Wendy, Sam
Regrets: Don
Dan: last week, asked TAG to come to consensus on the meat of the privacy principles document, per the text we agreed on last week. not full TAG consensus on the current document. agreed we would shoot for next week; on track. feel like we're getting there. lots of editorial feedback, general support for the substance. noted that the document was long.
...outlined that we would plan to wind down the activity of this task force over coming months. continue editorial work more asynchronously. next year at some point we can officially wind down the task force. not sure how that fits with the process of moving to W3C Statement.
Jeffrey: would like issues on words needed to look up.
Nick: were there no substantive comments?
Dan: not all reviewed in detail, but generally positive on substance.
Jeffrey: I checked with people... i think we can merge...
Pete: the idea of a vulnerable person being almost anyone on the planet waters down what we're trying to say about vulnerable people...
Jeffrey: i filed 373 to keep thinking about that...
Peter: fine with merging this and having that conversation.
Robin: yes I think it's good.
Dan: +1
merged
lower case web
Jeffrey: I think this ready to merge...
merged
Robin: it's not just about prevention...
we agree to take jeffrey's change
merged
Nick: suggests an editorial change, but it's not necessary.
Dan: wfm.
merged
Jeffrey: in response to Yoav's question... felt we should be precise... also noticed that the user agent principle is almost the same...
Nick: I like the idea of consolidating... I do think this loses the "needed to satisfy goals" or "is aligned with the user's interests"... I think what's necessary to achieve the user's interests is unclear.
Jeffrey: "either necessary to achieve the user's goals or what aligns with their wishes and interests"...
Dan: interests has 2 meanings...
Jeffrey: worth addressing.
Nick: I think "wishes and interests make it pretty clear"...
Jeffrey: suggested change
Dan: lgtm
Nick: this removes "loyalty" re-statements and I'm ok with that.
Pete: is this restricting ... still fine for privacy if UAs are still sending non-private data?
Jeffrey: could broaden it to "restricted data they transfer"...
Nick: we do say that minimization applies to all personal data even if it's not identifiable... it could be all the relevant datat that you could transfer...
Pete: for the sake of brevity just say data rather personal data
Nick: because personal data has a definition...
we agree to say data and it links to the def of personal data
merged
Pete: I'm OK although i feel processing time and bandwidth are important...
Jeffrey: I feel they're only tangentially related to privacy... and it's not clear that these APIs use undue processing time or bandwidth...
Nick: users might want to configure their agents to save processing time & bandwidth... related to privacy... not sure what's what we're saying here...
Dan: example of low bandidth high latency network
Jeffrey: the UA often prioritizes these kinds of APIs outside of the critical path...
Amy: I think all of this is captured by "may know something" therefore the change is fine.
Nick: I agree about separating the decision... I suggest we remove the text and open a new issue about resource minimization and control. Doesn't need to be in v1.
merged
Dan: wfm
merged
Jeffrey: yoav says the mitigation one webperf api is using is to add noise - it's posssible that they could allow users to turn the knob way up... either backburner or say we're not doing anything about it.
Robin: fine either way
Wendy: ...these are considerations having read the principles...
Jeffrey: I think this is covered by all the caveats in the introduction...