See also: IRC log
<trackbot> Date: 17 September 2015
<JoeHallCDT> ah
<tara> Thanks!
<tara> You on the phone/Webex?
<JoeHallCDT> will be soon
<JoeHallCDT> it's very quiet
<JoeHallCDT> heh
<tara> I can hear you!
<npdoty> scribenick: JoeHallCDT
<tara> We're just getting the phone side set up...
christine: let's get started
tara: no intros as we're all familiar with one another
tara: fingerprinting as a group note?
<npdoty> https://lists.w3.org/Archives/Public/public-privacy/2015JulSep/0121.html
<christine> +q
npdoty: sent out a msg in August about status of fpr document
… have resolved major document TODOs
… now complete, not perfect but not missing
… hoping to publish as a draft WG note
… will signal that has some support from PING
… and that it's stable enough for feedback
christine: totally agree that's what we should do...
… hoping wendy would be on the call
… what are the mechanisms to do that
… have some editorial comments but haven't finished yet
… will do so in the next couple of days
… goal would be to produce the final version as a PING group note by the end of the year
<Zakim> npdoty, you wanted to comment on process
npdoty: on process, I can probably answer
… different WGs handle consensus differently… but chairs are the ones that judge consensus
<christine> +q
… can do over email "please note objections/concerns by x date"
+q
christine: feeling is that the consensus would be that we should do this
… not enough people on this call to say we have consensus right now
(Katie joined, christine got her up to speed)
… should do it over email
… question: the email list has a population of people that is massive… bigger than formal PING group
tara: has to be of PING members
npdoty: we haven't had to make a sharp distinction between mailing list and signing forms to be members
<npdoty> scribenick: npdoty
JoeHallCDT: Christine, sounds like your goal is a Note by the end of the year that's no longer draft status?
christine: yes.
JoeHallCDT: what is a
member/participant?
... formal, vs public where anyone can sign up on the mailing
list
<JoeHallCDT> npdoty: members of the w3c are dues payers
<JoeHallCDT> … participants in groups like PING
<JoeHallCDT> … members of w3c and public people
<JoeHallCDT> … in order to be a formal member of the group you have to be a w3c member or an invited expert
<scribe> scribenick: JoeHallCDT
christine: tara, we have an action item to do the call for consensus on the email list and publish the note as a draft
… presume the usual period is 2 weeks
tara: and we'll wait until christine is done with editorial contribusions
npdoty: have gotten a few comments from the mailing list or offlist
… might want to start using github issue tracker
+q
<tara> GitHub for PING?
<tara> Is in the W3C account
tara: thanks a ton, npdoty!
<npdoty> thanks all for the feedback
… very grateful for moving this forward, we're proud of this accomplishment
tara: now we're on to privacy and security questionnaire
<christine> +q
tara: have quite a lot of work done by CDT
-q
christine: reiterate that Joe and Greg have done a spectacular job of moving this forward
… on my list to do a read through and comment and additions
… what we need to think about is how can we at least get to the stage of giving consensus input from PING to the TAG
… and get to the point to publish a draft note on our complimentary document that would go into more detail
… TAG's goal is to have a succinct questionnairre, but we see value in having a document that gives context for the items in the questionnaire
… if we can do that this year, that would be a good thing to do
… we have TPAC coming up, maybe the plan should be to have a meeting on that Friday (maybe just the morning) to push this forward as a group
+q
<tara> Boo!
<tara> (to no CDT folks. But we understand.)
<npdoty> JoeHallCDT: CDT folks won't be in attendance at TPAC
<tara> I will have a speakerphone.
<npdoty> ... could participate remotely?
<tara> I tried to ensure remote folks could join.
<npdoty> ... have been working to pull out the privacy stuff to have a distinct questionnaire. mkwest: it would be really great to contribute that back to the TAG document
<npdoty> ... to what extent do we want to have a PING-maintained privacy questionnaire?
<npdoty> ... vs. just giving feedback to the TAG on their questionnaire, and maintaining a document of contextual support
<npdoty> ... think we shouldn't combine privacy and security too closely
<npdoty> ... doing privacy reviews and making sure there is feedback to the questionnaire based on those reviews
<npdoty> ... for example, Greg has done that with the Presentation API experience
<npdoty> ... do we have other requests to do privacy reviews? a working understanding is most useful
<npdoty> ... Greg's email has meta questions about the questionnaire
<npdoty> tara: +1, useful to try out the questionnaire with reviews
tara: very beneficial to get experience reviewing documents with this one
npdoty: we should look at Greg's Presentations API email
… would be happy to have this merged with the security document that the TAG is working on
… having one document means it's more likely that people will use it
… and being TAG, people will pay attention to it
… so fine with having one document
… would like to do anything we can to get the feedback to tAG
+q
… whatever we need to do to get that feedback
christine: what we need to do is have another conversation with TAG
… what's the best way that both pieces of work get good traction
… the second screen working group have reached out to us
… will be having privacy discussion at TPAC in their own meeting
… if we can do a bit more work on our document, about what we think is important for the S&P questionnaire
… can take to TPAC and present to TAG our feedback
<Ryladog> +1
<tara> Yup, good idea!
<npdoty> JoeHallCDT: +1 to taking questionnaire to TPAC
<npdoty> ... understand npdoty on having one document/one place is good, connected to TAG sounds good
<npdoty> ... here are the pieces we think need to be updated with privacy-informed perspective
<npdoty> ... that could be formal input back to TAG
<npdoty> ... we (CDT) can work on that
<npdoty> ... when we have a discussion, Second Screen, more face to face feedback
<npdoty> ... there's no reason we PING couldn't be more ambassdors, going to other groups' calls
<npdoty> ... 1. go back to TAG with edits. 2. engage with groups, including at TPAC
tara: we can build bridges for the meeting, and support this at TPAC
<npdoty> are there any times that East Coast US and Japan meetings that easily overlap?
christine: you volunteered to try reviewing Presentation API?
<npdoty> https://lists.w3.org/Archives/Public/public-privacy/2015JulSep/0120.html
… for some reason, I didn't see that
<christine> +q
<npdoty> I've just updated the wiki page on privacy reviews with that link, and the fact that Greg has been looking at the Presentation API
<npdoty> JoeHallCDT: would be good to have a set of resources somewhere, not just in the mailing list
<npdoty> https://www.w3.org/wiki/Privacy/Privacy_Reviews#Requested_reviews
npdoty: we do have a wiki list of requested and finished reviews ^^^^
<Zakim> npdoty, you wanted to comment on list of reviews
… I am hopeful that this can be a semi-stable resource
… still need to send things to the mailing list
christine: to add to that, to Joe's point that also keeps the reviews so you don't have to look at the mailing list
… can we add to the wiki the actual detail of the reviews?
… ah you have… pointers to the emails?
… maybe that's all we need to do
… we should look at that and what's the best way to do it
<npdoty> I'm not sure if the email review style is the best possible, but it's definitely a good start
… one of the things I'd like to do is send a note out to the list encouraging people to look at the Presentation API review before turning over to 2nd screen WG
+q
<npdoty> JoeHallCDT: having a list on the wiki with pointers to emails where we go through a privacy review is great, but if there are multiple reviews, or follow-up pointers ... gets complicated
<npdoty> ... instead, could keep the review in a separate wiki page, and then update it on the wiki
npdoty: haven't included a link to every email in the list discussing something… just the final link to the WG
tara: presumably the next call we'd have is during TPAC
npdoty: do have some other business
<npdoty> https://lists.w3.org/Archives/Public/public-privacy/2015JulSep/0133.html
… Mike West has asked for more feedback on what's now called Secure Context (used to be powerful features)
… limit certain features to secure origins
<npdoty> https://lists.w3.org/Archives/Public/public-privacy/2015JulSep/0051.html
… DNT asked for feedback
… the other thing was not so much a review as threads on clearing local data in private browsing mode
… now there is a proposal in WebAppSec
<npdoty> https://lists.w3.org/Archives/Public/public-privacy/2015JulSep/0134.html
+q
<npdoty> ack
christine: also has a feeling that there may be something else as well
… we need to figure out how to contribute to these requests
… I can try to spurring people into action via the email list
… really need to be looking at these things
<npdoty> I'll update the wiki. if anyone knows of an individual who would be good to request review one of these documents, that would be great
<christine> @ Joe,yes, I'll chase up
<npdoty> JoeHallCDT: could look at DNT with fresh eyes/PING perspective
<npdoty> ... otherwise, +1 to email reminders to prompt people, multiple people, to review
christine: header enrichment?
… nick and joe, still worthwhile doing anything else in this space
npdoty: rather than reviewing a document, could be a good thing for a convening function
+q
… privacy implications of header enrichment
christine: suggestion and question:
… suggestion in the part of the unconference TPAC, maybe PING could suggest a session on the privacy imps of header enrichment
… question: this is slightly different from what PING does traditionally
<npdoty> I think the unconference is still on the schedule; sounds like a reasonable idea to me
… could PING have a series of blog posts? statements?
tara: sounds interesting, not sure about the precedent
npdoty: there's a w3c blog, anyone can blog on their own
… if we think that's a good way to communicate on a topic, we should do it.
<npdoty> JoeHallCDT: Unsanctioned Tracking finding from TAG relevant to header enrichment
<npdoty> ... what would we say about header enrichment, separate from TAG finding?
<npdoty> ... not okay, except in these circumstances
npdoty: might be interesting to try to define exactly what circumstances might be privacy preserving in header enrichment
… we want to get the header enrichment and privacy people to talk
<npdoty> JoeHallCDT: concern about it not being end-to-end on any level, but could imagine some use cases
christine: who do we think the pro-enrichment people would be
Joe: Verizon and AT&T
christine: are there others that have been doing this?
JoeHallCDT: not sure
christine: would be worthwhile having a conversation
<npdoty> yeah, I should probably do that
christine: add to the list things that need to be done: organize TPAC session, send agenda around
npdoty: telecon in october? or just TPAC?
tara: arranged for there to be a phone so that we could do that
… time zones will be hard
npdoty: should have remote optoin, but separate call in October
+1
christine: inclined to think we should have a call separate from TPAC meeting
… keep the enthusiasm!
tara: quite a valid point
… just don't want folks to be overwhelmed.
… should we do it before TPAC? since TPAC is right before
… 22 would make sense?
<christine> 22 works
<npdoty> maybe we could check with our Geofencing presentation re: scheduling
tara: will assume we'll do it then, with the aim of making progress for the TPAC set of meetings
<npdoty> trackbot, end meeting
This is scribe.perl Revision: 1.140 of Date: 2014-11-06 18:16:30 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Found ScribeNick: JoeHallCDT Found ScribeNick: npdoty Found ScribeNick: JoeHallCDT Inferring Scribes: JoeHallCDT, npdoty Scribes: JoeHallCDT, npdoty ScribeNicks: JoeHallCDT, npdoty Default Present: npdoty, runnegar, tara, JoeHallCDT, LCPolan, KatieHS, Haritos-Shea Present: npdoty runnegar tara JoeHallCDT LCPolan KatieHS Haritos-Shea Katie Regrets: wseltzer Found Date: 17 Sep 2015 Guessing minutes URL: http://www.w3.org/2015/09/17-privacy-minutes.html People with action items: WARNING: Input appears to use implicit continuation lines. You may need the "-implicitContinuations" option.[End of scribe.perl diagnostic output]