Learn More
The W3C's Geolocation API may rapidly standardize the transmission of location information on the Web, but, in dealing with such sensitive information, it also raises serious privacy concerns. We analyze the manner and extent to which the current W3C Geolocation API provides mechanisms to support privacy. We propose a privacy framework for the consideration(More)
The meaning of privacy has been much disputed throughout its history in response to wave after wave of new technological capabilities and social configurations. The current round of disputes over privacy fuelled by data science has been a cause of despair for many commentators and a death knell for privacy itself for others. We argue that privacy's disputes(More)
  • Nick Doty
  • 2015
The functionality of the Internet and the World Wide Web is determined in large part by the standards that allow for interoperable implementations, as a result, the privacy of our online interactions depends on the work done within standard-setting organizations. But how do the organizational structure and processes of these multistake holder groups affect(More)
Security and privacy issues for <i>Location-Based Services (LBS)</i> and geolocation-capable applications often revolve around designing a <i>User Interface (UI)</i> such that users are informed about what an application is doing and have the ability to accept or decline. However, in a world where applications increasingly draw on a wide variety of LBS(More)
Microsoft has proposed an identity metasystem to standardize identity services and the principles behind them. A location metasystem can support interoperation between location services, protect users' privacy and handle issues of granularity. The simple OAuth protocol may be a good model for working towards a location metasystem.
Many government actions require an Environmental Impact Statement; some now require a Privacy Impact Assessment. 1 One might imagine a requirement that IETF protocol designers go through some similar activity. The IETF already requires proposed standards to have a "security considerations" section, why not a public policy considerations section? In 2003,(More)
One critique of Privacy-by-Design has focused on its lack of concrete guidance for implementation. We have proposed privacy design patterns (drawing from architectural design patterns and object-oriented programming design patterns) as documentation that can be more directly applicable and have established a site to coordinate collaborative development of(More)
  • 1