Nick Doty

Learn More
The W3C's Geolocation API may rapidly standardize the transmission of location information on the Web, but, in dealing with such sensitive information, it also raises serious privacy concerns. We analyze the manner and extent to which the current W3C Geolocation API provides mechanisms to support privacy. We propose a privacy framework for the consideration(More)
The functionality of the Internet and the World Wide Web is determined in large part by the standards that allow for interoperable implementations, as a result, the privacy of our online interactions depends on the work done within standard-setting organizations. But how do the organizational structure and processes of these multistake holder groups affect(More)
Microsoft has proposed an identity metasystem to standardize identity services and the principles behind them. A location metasystem can support interoperation between location services, protect users' privacy and handle issues of granularity. The simple OAuth protocol may be a good model for working towards a location metasystem.
Many government actions require an Environmental Impact Statement; some now require a Privacy Impact Assessment. 1 One might imagine a requirement that IETF protocol designers go through some similar activity. The IETF already requires proposed standards to have a "security considerations" section, why not a public policy considerations section? In 2003,(More)
One critique of Privacy-by-Design has focused on its lack of concrete guidance for implementation. We have proposed privacy design patterns (drawing from architectural design patterns and object-oriented programming design patterns) as documentation that can be more directly applicable and have established a site to coordinate collaborative development of(More)
  • 1