Review W3C User Consent & Permission

Review W3C User Consent & Permission

Day/Session:Tuesday 2I

Convener:Wendell Baker

Notes-taker(s): Titus Capilnean

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Workshop based on conference notes and position paper here:  https://www.w3.org/Privacy/permissions-ws-2018/cfp.html

• How do we provide continued consent online?
• Confused deputy problem - how do you name activities and permission and when do you solicit it?
• e.g. Firefox file upload dialog box - consent perfectly timed
• How do you take location data and make it work the same?
• Tracking protection and GDPR are the biggest issues in consent
• For apple - 3rd party cookies don't exist
• Analytics problem - how do you explain them?
• Media and advertising challenge - how can you make it cheaper to track and serve ads with blockchain? Browser consent problem has not been solved at scale - your cost of serving is 1% of a 10,000th of a cent with legacy solutions. How can this be replicated at scale?
• w3c wanted to move all of it into the browsers - but it was late for GDPR, and adoption was slow
• Electron browser - mim, brave - brave is interesting, the identity fabric is interesting for the industry
• Privacy chain and oath - login with the browser identity - use case
• serve related content based on the user consent, need a mechanism for it
• ITP - intelligent tracking protection - tell your users or don't do it
• Usage insights: younger audiences - safari mobile vs older audiences - chrome, desktop
• A browser is a gate/door that needs a key - have to use it to enter a world
• Briefly discussed p3p - privacy for the web; obsolete protocol allowing websites to declare their intended use of information they collect about web browser users.