From 00ba9713d947b750da18aec619065f2c3bea2eeb Mon Sep 17 00:00:00 2001 From: Anssi Kostiainen Date: Wed, 9 Oct 2024 20:20:59 +0300 Subject: [PATCH] Add Accelerometer reading quantization algorithm (#82) This mitigates sensor calibration fingerprinting [SENSORID] and attacks that rely on high precision sensor readings per W3C Privacy Interest Group's recommendation. Fix #54 Fix #57 --- index.bs | 37 ++++++++++++++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) diff --git a/index.bs b/index.bs index 1950579..ec831e2 100644 --- a/index.bs +++ b/index.bs @@ -78,7 +78,18 @@ urlPrefix: https://www.w3.org/TR/screen-orientation/; spec: SCREEN-ORIENTATION "date": "2012", "status": "Informational", "publisher": "Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications" - } + }, + "SENSORID": { + "href": "https://doi.org/10.1109/SP.2019.00072", + "title": "SensorID: Sensor Calibration Fingerprinting for Smartphones", + "date": "2019", + "authors": [ + "Zhang, Jiexin", + "Beresford, Alastair R.", + "Sheret, Ian" + ], + "publisher": "IEEE Symposium on Security and Privacy" + } } @@ -166,6 +177,11 @@ provide visual indication when inertial sensors are in use and/or require explic access [=sensor readings=]. These mitigation strategies complement the [=generic mitigations=] defined in the Generic Sensor API [[!GENERIC-SENSOR]]. +This specification defines an [=accelerometer reading quantization algorithm=] (called from the +[=get value from latest reading=] operation) to mitigate sensor calibration fingerprinting [[SENSORID]] +and attacks that rely on high precision sensor readings. The details of the quantization algorithm +follow W3C Privacy Interest Group's recommendation. + Permissions Policy integration {#permissions-policy-integration} ============================== @@ -429,6 +445,23 @@ Abstract Operations {#abstract-opertaions} 1. Otherwise, define |object|'s [=local coordinate system=] to the [=device coordinate system=]. +

Accelerometer reading quantization algorithm

+ +The [=Accelerometer=] [=sensor type=] defines the following [=reading quantization algorithm=]: + +
+ : input + :: |reading|, a [=sensor reading=] + : output + :: A [=sensor reading=] + + 1. Let |quantizedReading| be |reading|. + 1. If |quantizedReading|["x"] is not null, set |quantizedReading|["x"] to the nearest 0.1 m/s2. + 1. If |quantizedReading|["y"] is not null, set |quantizedReading|["y"] to the nearest 0.1 m/s2. + 1. If |quantizedReading|["z"] is not null, set |quantizedReading|["z"] to the nearest 0.1 m/s2. + 1. Return |quantizedReading|. +
+ Automation {#automation} ========== @@ -457,3 +490,5 @@ Acknowledgements {#acknowledgements} ================ Tobie Langel for the work on Generic Sensor API. + +W3C Privacy Interest Group and Paul Jensen for the sensor calibration fingerprinting mitigation proposal and discussion.
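Review bot: In the paragraph added just before "Permissions Policy integration" (hunk @@ -166,6 +177,11), the sentence "The details of the quantization algorithm follow W3C Privacy Interest Group's recommendation" names the recommendation but does not link or cite it, whereas [[SENSORID]] in the same paragraph is cited. Add a reference or a link to that recommendation so a reader can check the chosen 0.1 m/s2 step against its source. The same paragraph mentions "attacks that rely on high precision sensor readings" without an example; pointing to one of the existing bibliography entries would make the threat concrete.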
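Review bot: In the algorithm steps added under Abstract Operations (hunk @@ -429,6 +445,23), step 1 "Let |quantizedReading| be |reading|" gives the input a second name rather than a copy, so the following steps overwrite the "x", "y" and "z" entries of |reading| itself. If the unquantized latest reading is meant to stay intact, write "be a copy of |reading|". The three "set ... to the nearest 0.1 m/s2" steps also leave open how a value exactly halfway between two multiples of 0.1 is rounded. Stating the tie rule would keep implementations consistent with each other.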