W3C Workshop on Permissions

CRANK

Executive SummaryFuture work should build on the key strengths of the web: safety-by-default, linkability, ephemerality, and interoperability across browsers and platforms.There was significant interest in non-prompt, contextual permission UIs, which are more seamlessly embedded into the user’s journey, and follow the “user-push” model instead of the “developer-pull” model. This approach could allow for more intuitive user controls and better contextual integrity, promote light patterns over dark patterns, and provide user agents with better insight into user intent and inform predictive systems.User agents could surface – or adjust behavior based on – additional signals to support informed user choices. These signals might include purpose declarations by developers, crowd-sourced statistics, ratings or reviews, etc. Defining a purpose in a structured language could enable browsers to reframe permissions in terms of utility and potential consequences rather than technical abili…