Web Permissions Are Broken
I spent this evening throwing together a simple site that uses the
HTML5 Geolocation API.
(Link here. Warning: politics!)
The API enables the sort of services that feel magical. In this case,
information for a user’s Congressional representatives based on
location. (The awesome Congress
API from Sunlight Labs
helped too). In an earlier experiment, I used webcam access with
getUserMedia() and feature
detection to make a scavenger hunt
clue accessible only by holding up a special image in front of the
But before the giddy magic of HTML5 come terrifying requests from the browser and a terrible user experience. Chrome “wants to use your location.” But for what? And how much does it know? Firefox asks if you’d “like to share your camera.” For how long? There’s no explanation of why or what the site wants to do with the data. The most likely questions for most users are met with only a chance to “Deny” or “Accept” an unknown contract. Perhaps this is a problem to be solved by explanations on the page itself, but the ability to provide a simple message would be a huge improvement, just by offering an explanation.