diff --git a/index.html b/index.html
index 09c230c6..195f6eaa 100644
--- a/index.html
+++ b/index.html
@@ -49,6 +49,12 @@
}
],
localBiblio: {
+ 'ADDING-PERMISSIONS': {
+ title: 'Adding another permission? A guide',
+ authors: ['Nick Doty'],
+ date: '2018',
+ href: 'https://github.com/w3cping/adding-permissions'
+ },
'Addressing-Cyber-Harassment': {
title: 'Addressing cyber harassment: An overview of hate crimes in cyberspace',
authors: ['Danielle Keats Citron'],
@@ -1743,6 +1749,67 @@
+## Transparency
+
+
+
+ When accessing data or requesting permission, [=sites=] (and other [=actors=]) should provide
+ [=people=] with relevant explanatory information about the use of data, and [=user agents=]
+ should help present and consume that information.
+
+
+
+Transparency is a necessary, but insufficient, condition for [=consent=]. Relevant explanatory
+information includes who is accessing data, what data is accessed (including the potential
+inferences or combinations of such data) and how data is used. For transparency to be meaningful to
+people, explanatory information must be provided in the relevant [=context=].
+
+
+ In designing new Web features that may involve permissions, consider whether a permission is
+ needed and how to make that permission meaningful [[?ADDING-PERMISSIONS]].
+
+ Past workshops have explored the needs for better permissions on the Web:
+
+
+
+
+
+ Information about privacy-relevant practices should be provided in both easily accessible plain
+ language form and in machine-readable form.
+
+
+
+Machine-readable presentation of privacy-relevant practices is necessary for [=user agents=] to be
+able to help [=people=] make general decisions, rather than relying falsely on the idea that
+[=people=] can or want to read documentation before every visit to a web site. Machine-readable
+presentation also facilitates collective governance by making it more
+feasible for researchers and regulators to discover, document, and analyze data collection and
+processing to identify cases in which it may be harmful.
+
+Easily accessible, plain language presentation of privacy-relevant practices is necessary for
+[=people=] to be able to make informed decisions in specific cases when they choose to do so.
+[=Sites=], [=user agents=], and other [=actors=] all may need to present privacy-relevant practices
+to [=people=] in accessible forms.
+
+
+
+ Mechanisms that can be used for [=recognize|recognizing=] [=people=] should be designed so that
+ their operation is visible and distinguishable, to [=user agents=], researchers and regulators.
+
+
+
+Non-transparent methods of [=recognition=] are harmful in part because they are not visible to the
+user, which undermines user control [[?UNSANCTIONED-TRACKING]]. Designing features that minimize
+data and make requests for data explicit can enable detectability, a kind of transparency that is an
+important mitigation for browser fingerprinting.
+
## Consent, Withdrawal of Consent, Opt-Outs, and Objections {#consent-principles}