Last update: 2023-07-07
Below are the answers to W3C's Self-Review Questionnaire. See also Security/Privacy Considerations sections in the specification.
When a user performs a screen capture via the Screen Capture API, or any other future API that would use a CaptureController object to facilitate screen-capture, this specification exposes mouse coordinates within the captured surface, or the departure of the mouse from the captured surface. (The cursor's location outside of the captured surface is NOT exposed.)
2.2. Do features in your specification expose the minimum amount of information necessary to enable their intended uses?
Yes, the minimum information is exposed. In fact, all of the information exposed is already available, but the mechanisms we introduce in our specification improve the simplicity, efficiency and robustness of access to that information, by exposing the values programmatically, rather than requiring a capturing application to scan for the cursor's location in each and every frame.
2.3. Do the features in your specification expose personal information, personally-identifiable information (PII), or information derived from either?
Generally no. But one could imagine that fingerprinting could be done based on the patterns of a user's mouse movements. However, as mentioned in 2.2, this is not new information.
Sensitive information about the person capturing their screen might be inferred by, e.g., analyzing the movement of the mouse (speed, tremor, no movement at all, etc.). But as mentioned in 2.2 above, this is already available from the captured video frames.
No.
2.6. Do the features in your specification expose information about the underlying platform to origins?
These are just mouse coordinates relative to the captured surface, which do not depend on the underlying platform. As mentioned in 2.2, this is already available from the captured video frames.
No.
No.
No.
No.
2.11. Do features in this specification allow an origin some measure of control over a user agent’s native UI?
No.
None.
2.13. How does this specification distinguish between behavior in first-party and third-party contexts?
Mouse events are only dispatched to the CaptureController object, which lives in the document where the method navigator.mediaDevices.getDisplayMedia() was called to start the screen capture session. This specification does not make any specific distinction between first-party and third-party contexts besides what exists in the Screen Capture specification.
2.14. How do the features in this specification work in the context of a browser’s Private Browsing or Incognito mode?
This specification does not make any distinction between normal and private modes besides what exists in the Screen Capture specification.
2.15. Does this specification have both "Security Considerations" and "Privacy Considerations" sections?
Yes, as a single section covering both sets of considerations. (Separation of these sections would not make sense in this specification's case.)
No.
2.17. What happens when a document that uses your feature is kept alive in BFCache (instead of getting destroyed) after navigation, and potentially gets reused on future navigations back to the document?
If that document is navigated away, the screen capture session ends, stopping the user agent from firing additional events.
If that document gets disconnected, the screen capture session ends, stopping the user agent from firing additional events.
N/A