Thinking about permissions on the web

I’ve been thinking quite a bit about privacy and permissions both generally and in web browsers and our product that rely on them. I very much appreciated this perspective from Sally Lait.

[M]y personal preference is generally to continue as normal, and then to use whatever’s being requested as an enhancement, as a natural part of whatever task I am hoping to do, at a time that makes sense to me rather than having it pushed on me out of context or at a time that doesn’t make sense.

This is true for me as well. I hate going to a new site only to be immediately bombarded with requests to see my location or send me notifications. It makes your site appear desperate, socially-awkward, and a bit sociopathic.

I definitely believe there’s room for improvement in terms of how browsers relay requests for permission. Personally, I’d love to see permission requests require an accompanying link to the section of that site’s privacy policy covering how the information being requested will be used. Sure, most users probably won’t click on it, but having to provide something might make some developers think twice about it (and more directly tie these requests to the site’s governing entity from a legal standpoint).