Should include mention of ephemeral fingerprinting #44
Comments
|
This is also noted in the Target Privacy Threat Model doc, related to simultaneous firing of events: Should this be added as a new type of fingerprinting, or a sub-category of active fingerprinting, or a distinct data source (as listed in https://w3c.github.io/fingerprinting-guidance/#identifying)? |
|
Two answers: 1) new type and 2) something of the last - more of "be aware of sources that may be ephemeral". It's at least partly a new type because things that might not be identifying in and of themselves (what sound is playing in your room AT THIS MOMENT) is suddenly interesting. |
|
@npdoty Devices and Sensors Working Group, at TPAC, flagged the lack of docs on ephemeral fingerprinting. We should probably address this issue. |
|
If the fingerprinting guide adopts a change along these lines, I'd love to incorporate it by reference in the Privacy & Security Questionnaire! |
I think it might be wise to include mention of an additional type of fingerprinting in section 3 of the doc: ephemeral fingerprinting. I use the term ephemeral fingerprinting to mean correlating web observable property changes concurrently observable by multiple sites to join cross-site identities. A thorough explanation that perhaps we can merge into this document is here: https://github.com/asankah/ephemeral-fingerprinting
The text was updated successfully, but these errors were encountered: