Review W3C User Consent & Permission

From IIW

Review W3C User Consent & Permission

Day/Session:Tuesday 2I

Convener:Wendell Baker

Notes-taker(s): Titus Capilnean

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Workshop based on conference notes and position paper here:

  • How do we provide continued consent online?
  • Confused deputy problem - how do you name activities and permission and when do you solicit it?
  • e.g. Firefox file upload dialog box - consent perfectly timed
  • How do you take location data and make it work the same?
  • Tracking protection and GDPR are the biggest issues in consent
  • For apple - 3rd party cookies don't exist
  • Analytics problem - how do you explain them?
  • Media and advertising challenge - how can you make it cheaper to track and serve ads with blockchain? Browser consent problem has not been solved at scale - your cost of serving is 1% of a 10,000th of a cent with legacy solutions. How can this be replicated at scale?
  • w3c wanted to move all of it into the browsers - but it was late for GDPR, and adoption was slow
  • Electron browser - mim, brave - brave is interesting, the identity fabric is interesting for the industry
  • Privacy chain and oath - login with the browser identity - use case
  • serve related content based on the user consent, need a mechanism for it
  • ITP - intelligent tracking protection - tell your users or don't do it
  • Usage insights: younger audiences - safari mobile vs older audiences - chrome, desktop
  • A browser is a gate/door that needs a key - have to use it to enter a world
  • Briefly discussed p3p - privacy for the web; obsolete protocol allowing websites to declare their intended use of information they collect about web browser users.