I’m a developer at Open Location Services. We are creating an open database for location services. As of right now the API’s that allow us to make our services work are those exclusively provided to native applications. The web Geolocation API is limited to the database of the browser vendor, which we think is an arbitrary limitation.
The proposed API is divided into two main parts.
As the name says, the WebRadio.scan() is used to scan the networks upon request by the app, where as the WebRadio.control() is used to control the networks the device uses.
The WebRadio API should be behind a two permission requests because this has privacy implications. The WebRadio API should have two levels, level 1 and level 2.
In level 1, WebRadio.scan() permission is allowed. In level 2, WebRadio.scan() and WebRadio.control() permission is allowed.
It is difficult to make the user understand the impact of this on their privacy.
We propose the Title and Body of permissions to help better make the user understand the impact.
For level 1:
Scan nearby radio networks
Allows the app to scan for GPS, WiFi, Bluetooth and Cellular Towers. This may allow the app to access your location.
For level 2:
Scan and control radio devices
Allows the app to control GPS, WiFi, Bluetooth and Cellular Towers. This may allow the app to access your location.
The WebRadio.scan() and WebRadio.control() have 4 more sub properties
4. Cellular Towers
The WebRadio.control() has two additional sub property that it can control
1. WiFi hotspot
2. Bluetooth hotspot
The WebRadio.scan() returns several things:
For WiFi, the BSSID, SSID, Strength (in decibels), type (ie. 802.11n), Channel, Frequency are returned.
For Bluetooth the address, Strength are returned.
For GPS, if GNNS is supported, it is returned.
For Cellular Tower, nearby towers, their strength and Cell id are returned. The currently connected to tower’s id and strength is also returned.
Use cases of this API:
Allows independent mapping services without using the default geolocation provider of the browser vendor.
Allows independent information auditing.
Allows for mesh networks to be formed.
Allows apps like sharing of mobile data with nearby devices.