Hi,

While I see plenty of involvement in matters of privacy, I am wondering why "data ownership" is not regularly included in such discussions, advocacy, and implementations.

Open standards advocates have long fought for documents being saved (by default) in open formats, yet there seems to be no impetus to set up a standard (like `globalStorage` had promise of being) to make this a reality for web data. Sites should be able to store data in a manner that can be directly reused, with user permission, by any other permitted web site/application without the data first needing to be manually exported and then re-imported, and without the site needing to go through the origin site as a gate-keeper. Once such a feature is implemented, users should also be able to be informed about or selectively disable local storage on their browser unless stored in a shareable manner and put pressure on websites which do not make use of such an accessible, site-neutral medium.

My proposal is not something shocking or unduly insecure; it is the way in which desktop applications have been working since Microsoft wisely allowed third parties to create applications which could read or alter documents created previously by other programs. Yes, there is a danger of data corruption and privacy violations, but that has been true for desktop apps; on desktops, however, the app is typically not restricted granularly (e.g., as to which file can be modified) nor is the user even aware of the privilege(s) being granted, whereas this proposal seeks to rely on per-site permissions. Reliance on user-guided trust choices is an inevitable necessity if data is not to remain locked in fortified data islands--so please let's avoid giving in to FUD about other websites having potential access to shared data when it has worked rather well on the desktop.

Governments thankfully started to become aware of their duty to require data be stored in non-proprietary formats, yet they may still make posts on Twitter, etc. where no local copies are by default kept by the browser, pushing their data into the Cloud, which is arguably worse than saving to a local proprietary copy which can at least be queried offline. Sure, products exist which help one get around this, but they are not the norm, so the average user is prevented from having control of their own data.

If such a mechanism were implemented, other interesting negotiations between user and website might take place through the browser, such as empowering the USER to supply their pre-existing data to other sites (and selectively allow sites to listen for modifications to this store) only under their own browser-stored default license terms (and perhaps publicly verified by a third party negotiated by the site and user). Terms might also be negotiated which allow the website to subscribe to the user's own website and republish from it, so that the site could get updates of the user's updated data without the user needing to be online in their browser.

_______________________________________________
dev-privacy mailing list
https://lists.mozilla.org/listinfo/dev-privacy
