Many of HTML5's new features-built-in video and audio playback, vector and bitmap animation, device access and Web storage, for example-are designed to eliminate the need for plug-ins. By bringing what was once considered "extra" functionality under the roof of the browser-and, more importantly, under the roof of approved standards-security and privacy can be integrated in a much more coherent, careful way.
HTML5 Device Access APIs and Privacy Preferences
The broad category of device access APIs present another potential HTML5 privacy issue. It seems only natural to many of us that the continuing expansion of the Web and the webification of all sorts of computing devices will create many innovative products and services. Just as desktop Web applications are taking over many tasks that used to be the sole domain of packaged software, mobile computing is also increasingly shifting towards the Web.
The biggest missing piece for today's mobile Web apps is the limited device access capabilities of mobile browsers when compared to the capabilities of native mobile apps. Mobile Web apps can't, for example, cause your phone to vibrate, read the current state of the battery or measure ambient light. Most new mobile Web browsers can, however, access your current location and your camera. As these new capabilities are baked into browsers, privacy is a major concern.
In native apps, device access privacy preferences are typically managed through the installation process. When you install an Android app, for example, you receive notification of the types of access that the app requests. At that point, you can choose to allow or disallow the requested access. After you install the app, the permissions are set, and that app can access your camera, contacts or whatever you approved.
Mobile Web app privacy and security is tricky, since a Web app may change at any time and upgrades don't require your active involvement. Most of the time, this is a big benefit of Web apps; you get constant upgrades without the annoying upgrade process that native apps require. The downside is that any change may cause a previously secure and trustworthy app to become less so, even harmful.
To understand how browsers deal with this potential problem, we need to first define some terms:
Notice is the requirement that an API notify a user that data is being collected. Currently, browsers have slightly different mechanisms for giving notice, but the notification bar at the top of the browser window is becoming the most common method. You can see an example of an API triggering a notice by visiting a site that uses HTML5 geolocation with a browser that supports geolocation; the latest versions of all the major browsers do.
Sign up for CIO Asia eNewsletters.