Comments (4)
The specification can make data, including high-value or PII data, more explicit, for improved harvesting. It doesn't distinguish first- or third-party or anonymous use: the data is ordinarily laid open to the Web. But it doesn't have special access to any data, and cannot expose anything not already available to the origin.
It is possible to use the explicit nature of microdata to adjust a DOM, serialise it, and record detailed information, however this does not open any new attack surface as far as I can tell.
from microdata.
There is a proposed privacy section
from microdata.
also, from https://www.w3.org/wiki/Privacy/Privacy_Considerations
- can the information be used (alone or in combination with other APIs / sources of information) to fingerprint a device or user? No more than already so.
- can a user access the information she created? Only by adding interactivity to create stuff.
- can a user record that information locally? Depends if the application allows that
- am I able to have actions on this personal record? Depends ditto
- can a user block partly or totally the record of the information? Other than automatically available info, yes
- can a user fake it? (think about fuzzy geolocation or voluntary fake location) Probably some, but not automatic info
- Is the data personally-derived, i.e. derived from the interaction of a single person, or their device or address? (If so, even if anonymous, it might be re-correlated) Probably, but depends on the application
- Does the data record contain elements that would help such re-correlation? (examples include an IP address, and so on) Depends on the application
- What other data could this record be correlated with? (e.g. the ISP) Any
- If you had large amounts of this data about one person, what conclusions would it enable you to draw? (e.g. maybe you could estimate location from many ambient light events by estimating latitude and longitude from the times of sunrise and sunset) Nothing special based on this spec.
- Is the user likely to know if information is being collected? Only from best practice applications
- How visible is its collection and or use? Depends on the application
- Does the user get feedback on the patterns that the information could reveal (at any instant, over time) so she can adjust her behaviours? No
- if a background event about the device is fired in all browsing contexts, does it allow correlation of a user across contexts? Not sure
- can code on a page send signals that can be received by device sensors on nearby devices? Nothin in the spec makes that easier
from microdata.
Help wanted:
If a background event about the device is fired in all browsing contexts, does it allow correlation of a user across contexts?
from microdata.
Related Issues (20)
- Global Identifier
- Values section title odd
- Textual property value does not use language of the element HOT 4
- No description of how numeric property values are obtained. HOT 12
- Incomplete sentence: "User agents are"
- Syntax highlighting not working correctly HOT 12
- Capitalization of "microdata"
- give examples and algorithms a URL HOT 1
- Provide an example of itemid
- incomplete sentence "User agents are" HOT 2
- RDFa and JSON-LD are not equivalent HOT 12
- RDFa should generate to RDFa Lite HOT 4
- Use the same example for JSON-LD and RDFa HOT 6
- Reference to [microdata-rdf] should be changed HOT 13
- Reusing components in different contexts HOT 4
- itemref as a url, not just an ID within the same document
- "Valid" definition doesn't resolve
- "Our company" example is confusing
- Hedral the Cat HOT 1
- Hedral Issue 2 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from microdata.