From 85555ed9c27e7f1e0deca547a345c057c8fc86c8 Mon Sep 17 00:00:00 2001 From: Daniel Appelquist Date: Fri, 26 Apr 2024 14:37:37 +0100 Subject: [PATCH] Create 2024-04-24-minutes.md --- meetings/2024-04-24-minutes.md | 86 ++++++++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) create mode 100644 meetings/2024-04-24-minutes.md diff --git a/meetings/2024-04-24-minutes.md b/meetings/2024-04-24-minutes.md new file mode 100644 index 00000000..adf53aa2 --- /dev/null +++ b/meetings/2024-04-24-minutes.md @@ -0,0 +1,86 @@ +# TAG Privacy Task force - 24 April 2024 + +Present: Dan, Jeffrey, Pete, Robin, Don +Regrets: Christine, Wendy + +## Wide review feedback + +Dan: I reached out to the UN... + +Robin: I reached out to Heather F. to ask for feedback as well re: identity & identifiers + +https://github.com/w3c/i18n-request/issues/227 + +Robin: the send a note is completed in IRC... + +Dan: I [asked](https://github.com/w3c/i18n-actions/issues/85#issuecomment-2075315160) for feedback... + +A11y: https://github.com/w3c/a11y-request/issues/74 + +Dan: so far nothing there - I will ping Matthew Atkinson - + +Dan: any other wide review feedback? + +## [Reconcile browser funding with Loyalty](https://github.com/w3ctag/privacy-principles/issues/414) + +Jeffrey: this is about - any processing that's detrimental to the user's interests... + +Robin: I don't see how it's detrimental... + +Jeffrey: if you look only at the first half of the exchange, it's detrimental... + +Dan: I think maybe adding more complexity wouldn't really help... + +Robin: I think the the principles benefit from being simple and clear... if we try to pre-program possible misinterpretations then ... + +Don: the companies that do this kind of stuff already explain this kind of value to end users (like renting out your GPU) I don't think that's an exception to "detrimental to a user's interest" if the user has an interest in making some kind of trade. + +Jeffrey: our sense is that these kinds of exchanges are not violations of loyalty... I think responding "we think these exchanges are not violations" would be a reasonable way to close the issue. + +Pete: this is several abstractions away ... but for v2 we need slimmer document... + +*jeffrey to write up* + +## Credentials + +*we discuss possible shape of work on credentials in w3c...* + +Jeffrey: how do we mitigate - discourage sites from asking for too much... Trade-offs ... We need to ask the working group "what are those trade-offs" and that's against the backdrop of digital identities... and phone + +Dan: we can learn from the payments work... + +Jeffrey: we should discourage that outcome... + +Dan: there's open wallet work going on in linux foundation... https://openwallet.foundation/ + +Jeffrey: could be a good suggestion for the charter... + +Nick: coercion ... we don't want to enable wide scale discrimination... ethical principles that are privacy relevance... I'd like some commitment at the chartering stage [of fedid] that there will be joint work - joint work that we can address these harms... + +Jeffrey: is that something that could go into the proposed charter? + +Nick: have the TAG convene a task force and have the wg charter include some committment to that... + +Pete: a place where we could look: the crypto space .. you have the ability to spin up temporary credentials... worries me : single sign-on with drivers' license... + +Don: "how can we use this to stop account sharing" + +Jeffrey: an argument for regulation... in our spec we can say "you must not do this" + +Don: and done in a web environment where you can choose what info is passed (not arbitrary info that could create more risks) + +Jeffrey: putting browser in the middle - we can ban them from accessing the API... + +Nick: started this draft https://github.com/w3cping/credential-considerations/blob/main/credentials-considerations.md in ping... + +Discussion of a task force to do 3 things: +* finding at the beginning +* review body jointly with ping +* a document ... such as the one above ... + +Nick: a human rights impact... + +Dan: societal impact questionnaire https://w3ctag.github.io/societal-impact-questionnaire/ could be part of a human rights assessment... + +Jeffrey: having the experts on human rights etc... in the working group.. might be the best way to do it... +