Include Known Gyroscope Privacy Exposures in Gyroscope Document #27
Description
At the review of the Sensors API at TPAC 2017, PING and the Sensors WG discussed including known privacy exposures for a given sensor, e.g. the use of the gyroscope as a microphone, in the W3C specification for that specific sensor as opposed to incorporating the exposure by reference. The goal of doing so is that an implementer of the specific sensor API would see the specific privacy exposure — and mitigations — for a sensor in the spec for that sensor API.
In the case of gyroscope, that would entail incorporating a reference to the risk of a gyroscope acting as a microphone, e.g. https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-michalevsky.pdf. For mitigations, the proposed mitigations in the Generic Sensor API specification could be brought over or referenced.