Update 2.3 in Security and Privacy Self-Review Questionnaire

A proposal from @toreini.
w3c · Jan 24, 2024 · 50ab599 · 50ab599
1 parent f9c6e3a
commit 50ab599
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/security-privacy-self-assessment.md b/security-privacy-self-assessment.md
@@ -19,7 +19,7 @@ The data precision is normatively limited to resist fingerprinting (see 2.6).
 
 ### 2.3 How do the features in your specification deal with personal information, personally-identifiable information (PII), or information derived from them?
 
-This specification does not deal with PII directly, however identifiable information such as gait can be determined from monitoring sensor readings over time. The specification requires users to give express permission for the user agent to provide device motion and/or orientation data.
+This specification does not deal with PII directly, however identifiable information such as gait can be determined from monitoring sensor readings over time. The specification requires users to give express permission for the user agent to provide device motion and/or orientation data. Furthermore, all interfaces are restricted to secure contexts to protect against both active and passive network attackers.
 
 ### 2.4 How do the features in your specification deal with sensitive information?