You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
<li><ahref="#safe-to-browse"><spanclass="secno">1.2</span><spanclass="content">It should be safe to visit a web page</span></a>
760
760
<li><ahref="#trusted-ui"><spanclass="secno">1.3</span><spanclass="content">Trusted user interface should be trustworthy</span></a>
761
761
<li><ahref="#consent"><spanclass="secno">1.4</span><spanclass="content">Ask users for meaningful consent</span></a>
762
-
<li><ahref="#devices-platforms"><spanclass="secno">1.5</span><spanclass="content">Support the full range of devices and platforms (Media Independence)</span></a>
763
-
<li><ahref="#new-features"><spanclass="secno">1.6</span><spanclass="content">Add new capabilities with care</span></a>
764
-
<li><ahref="#removing-features"><spanclass="secno">1.7</span><spanclass="content">Remove or change capabilities only once you understand existing usage</span></a>
765
-
<li><ahref="#leave-the-web-better"><spanclass="secno">1.8</span><spanclass="content">Leave the web better than you found it</span></a>
766
-
<li><ahref="#data-minimization"><spanclass="secno">1.9</span><spanclass="content">Minimize user data</span></a>
762
+
<li><ahref="#identity"><spanclass="secno">1.5</span><spanclass="content">Use identity appropriately in context</span></a>
763
+
<li><ahref="#devices-platforms"><spanclass="secno">1.6</span><spanclass="content">Support the full range of devices and platforms (Media Independence)</span></a>
764
+
<li><ahref="#new-features"><spanclass="secno">1.7</span><spanclass="content">Add new capabilities with care</span></a>
765
+
<li><ahref="#removing-features"><spanclass="secno">1.8</span><spanclass="content">Remove or change capabilities only once you understand existing usage</span></a>
766
+
<li><ahref="#leave-the-web-better"><spanclass="secno">1.9</span><spanclass="content">Leave the web better than you found it</span></a>
767
+
<li><ahref="#data-minimization"><spanclass="secno">1.10</span><spanclass="content">Minimize user data</span></a>
767
768
</ol>
768
769
<li>
769
770
<ahref="#api-across-languages"><spanclass="secno">2</span><spanclass="content">API Design Across Languages</span></a>
<p><ahref="https://www.w3.org/2001/tag/doc/ethical-web-principles/#privacy">Security and privacy are essential</a></p>
1054
1055
</ul>
1055
-
<h3class="heading settled" data-level="1.5" id="devices-platforms"><spanclass="secno">1.5. </span><spanclass="content">Support the full range of devices and platforms (Media Independence)</span><aclass="self-link" href="#devices-platforms"></a></h3>
1056
+
<h3class="heading settled" data-level="1.5" id="identity"><spanclass="secno">1.5. </span><spanclass="content">Use identity appropriately in context</span><aclass="self-link" href="#identity"></a></h3>
1057
+
<p>Give people <ahref="https://www.w3.org/TR/ethical-web-principles/#control">control</a> over the identifying information about themselves
1058
+
they are presenting in different contexts on the web,
1059
+
and be transparent about it.</p>
1060
+
<p>"Identity" is a complex concept that can be understood in many different ways.
1061
+
It can refer to how someone presents or sees themselves, how they relate to other
1062
+
people, groups, or institutions, and can determine how they behave
1063
+
or how they are treated by others.
1064
+
In web architecture, "identity" is often used as a shortcut
1065
+
to refer to identifiers, and the information attached to them.</p>
1066
+
<p>Features that use or depend on
1067
+
identifiers and the attachment of data about a person
1068
+
to that identifier carry privacy risks which
1069
+
often reach beyond a single API or system.
1070
+
This includes data that has been passively generated (for example,
1071
+
about their behaviour on the web) as well as that which has been
1072
+
actively collected (for example, they have filled in a form).</p>
1073
+
<p>For such features, you should <ahref="https://www.w3.org/TR/privacy-principles/#identity">understand the context</a> in which it will be used,
1074
+
including how it will be used alongside other features of the web.
1075
+
Make sure the user can <ahref="#consent">give appropriate consent</a>.
1076
+
Design APIs to collect <ahref="https://www.w3.org/TR/privacy-principles/#data-minimization">the smallest amount of data</a> necessary.
1077
+
Use short-lived, temporary identifiers
1078
+
unless a persistent identifier is absolutely necessary.</p>
1079
+
<h3class="heading settled" data-level="1.6" id="devices-platforms"><spanclass="secno">1.6. </span><spanclass="content">Support the full range of devices and platforms (Media Independence)</span><aclass="self-link" href="#devices-platforms"></a></h3>
1056
1080
<p>As much as possible,
1057
1081
ensure that features on the web work across different input and output [devices,
1058
1082
screen sizes, interaction modes, platforms, and media]
In these cases, features should be designed such that it is possible for
1086
1110
code to gracefully fail or be polyfilled.
1087
1111
See <ahref="#feature-detect">§ 2.5 New features should be detectable</a>.</p>
1088
-
<h3class="heading settled" data-level="1.6" id="new-features"><spanclass="secno">1.6. </span><spanclass="content">Add new capabilities with care</span><aclass="self-link" href="#new-features"></a></h3>
1112
+
<h3class="heading settled" data-level="1.7" id="new-features"><spanclass="secno">1.7. </span><spanclass="content">Add new capabilities with care</span><aclass="self-link" href="#new-features"></a></h3>
1089
1113
<p>Add new capabilities to the web with consideration of existing functionality and content.</p>
1090
1114
<p>The Web includes many extension points that allow for additions;
1091
1115
see for example <ahref="https://html.spec.whatwg.org/multipage/introduction.html#extensibility"><cite>HTML</cite> § 1.7.3 Extensibility</a>.</p>
1092
1116
<p>Before adding items, consider integration with existing, similar capabilities.
1093
1117
If this leads to a preferred design approach that cannot be implemented by only adding items,
1094
-
it might still be possible; see <ahref="#removing-features">§ 1.7 Remove or change capabilities only once you understand existing usage</a>.</p>
1118
+
it might still be possible; see <ahref="#removing-features">§ 1.8 Remove or change capabilities only once you understand existing usage</a>.</p>
1095
1119
<p>Do not assume that a change or removal is impossible without first checking.
1096
1120
Before adding items, consider integration with existing, similar capabilities.
1097
1121
If this leads to a preferred design approach that cannot be implemented by only adding items,
1098
-
it might still be possible; see <ahref="#removing-features">§ 1.7 Remove or change capabilities only once you understand existing usage</a>.
1122
+
it might still be possible; see <ahref="#removing-features">§ 1.8 Remove or change capabilities only once you understand existing usage</a>.
1099
1123
Do not assume that a change or removal is impossible without first checking.</p>
1100
-
<h3class="heading settled" data-level="1.7" id="removing-features"><spanclass="secno">1.7. </span><spanclass="content">Remove or change capabilities only once you understand existing usage</span><aclass="self-link" href="#removing-features"></a></h3>
1124
+
<h3class="heading settled" data-level="1.8" id="removing-features"><spanclass="secno">1.8. </span><spanclass="content">Remove or change capabilities only once you understand existing usage</span><aclass="self-link" href="#removing-features"></a></h3>
1101
1125
<p>Prioritize compatibility with existing content when removing or changing functionality.</p>
1102
1126
<p>Once a significant amount of content has come to depend on a particular behavior,
1103
1127
removing or changing that behavior is discouraged.
behavior that might be considered implementation bugs.
1111
1135
Web features are not solely defined in specifications;
1112
1136
they are also defined by how content uses those features.</p>
1113
-
<h3class="heading settled" data-level="1.8" id="leave-the-web-better"><spanclass="secno">1.8. </span><spanclass="content">Leave the web better than you found it</span><aclass="self-link" href="#leave-the-web-better"></a></h3>
1137
+
<h3class="heading settled" data-level="1.9" id="leave-the-web-better"><spanclass="secno">1.9. </span><spanclass="content">Leave the web better than you found it</span><aclass="self-link" href="#leave-the-web-better"></a></h3>
1114
1138
<p>As you add new capabilities to the web platform, do so in a way that improves
1115
1139
the overall platform, for example its security or privacy vulnerabilities, or accessibility characteristics.
1116
1140
The existence of a defect in one part of the platform must not be used as a license
Issues that are present with a certain web technology now may be fixed in a subsequent iteration.
1122
1146
Duplicating these issues makes fixing them more difficult.
1123
1147
By adhering to this principle we can make sure overall platform quality improves over time.</p>
1124
-
<h3class="heading settled" data-level="1.9" id="data-minimization"><spanclass="secno">1.9. </span><spanclass="content">Minimize user data</span><aclass="self-link" href="#data-minimization"></a></h3>
1148
+
<h3class="heading settled" data-level="1.10" id="data-minimization"><spanclass="secno">1.10. </span><spanclass="content">Minimize user data</span><aclass="self-link" href="#data-minimization"></a></h3>
1125
1149
<p>Design features to work with the minimum amount of data necessary to carry out their
1126
1150
users' goals.</p>
1127
1151
<p><ahref="https://www.w3.org/TR/privacy-principles/#data-minimization">Data minimization</a> limits the risks of data being inappropriately disclosed or misused.</p>
0 commit comments