Answers to the questionnaire for Generic Sensor API can be found here.
Yes, but not directly. Gyroscope specification requires user permission and implementation of applicable mitigation strategies to address potential risks. For more information, please see: Security and Privacy section.
Yes, but not directly.
Sensor readings are explicitly flagged by the Secure Contexts specification [POWERFUL-FEATURES] as a high-value target for network attackers. Thus all interfaces defined by this specification or extension specifications are only available within a secure context.
Indirectly, gyroscope sensor readings can be used to infer user input.
3.3 Does this specification introduce new state for an origin that persists across browsing sessions?
No.
No.
3.5 Does this specification expose any other data to an origin that it doesn’t currently have access to?
No.
No.
No.
Yes.
3.9 Does this specification allow an origin access to aspects of a user’s local computing environment?
Yes. If user agent has permission to access gyroscope, the API provides means to check if sensor is available within user’s local computing environment.
No.
No.
No.
No.
Specification does not restrict access to a particular mode, nor work differently. However, this can be revisited when privacy mode would be formally specified.
No.
Yes.
See: Security & Privacy section.
No.