The Device APIs Working Group is currently not progressing the approach outlined in this draft. Please treat this document with caution and do not reference it or use it as the basis for implementation. The domain covered by this document is still within the scope of the Working Group as defined in its Charter. The Working Group may resume this work or adopt an alternative approach depending on the interest of WG members and implementers.

The Pick Contacts Intent defines a Web Intent [[!WEBINTENTS]] that enables access to a user's address book service from inside a Web application. It defines both an Intent action/type pair that selects this operation, and the format of the contacts data that is returned by services implementing this specification

This document builds atop previous versions that were pure JavaScript APIs and turns them into an API built using Web Intents, while maintaining the data format which the JavaScript APIs had defined.

Introduction

Every operating system and a large number of Web-based service providers have different ways of representing address book information. Most users are required to maintain a plurality of contact lists which leads to multiple copies of address book data. This in turn often leads to disjoint and inconsistent information being stored across a user's address book providers.

When sharing contact data with third parties users are, more often than not, required to hand over access to their whole address book. Users are implicitly required to trust third parties with all of their data when, in reality, the user may only wish, or need, to share a subset of their address book information so that an application can fulfil its purpose. When sharing of only a subset of a user's address book is possible, it often requires the user to type the information into a form herself rather than having it extracted from one of her address book services.

This specification enables a Web application to have access to a selected subset of a user's address book, obtained from arbitrary services not known to the Web application. The interactions, brokered using Web Intents [[!WEBINTENTS]] are designed in order to maximise the user's security and privacy. Address book data may be sourced from a plurality of sources — both online and local to the user's device — so long as those sources are registered as Intent services with the user agent. It defines a common format which services use to provide data to Web applications in a consistent and interoperable manner.

The expectation is that data sharing happens with explicit user permission and filtering. The focus of this data sharing is on making the user aware of the data that they will share and putting them at the centre of the data sharing process; free to select both the extent to which they share their address book information and the ability to restrict which pieces of information related to which contact gets shared.

A set of Security and Privacy Considerations are presented for the discretion of both implementers of Pick Contacts Intent services and recipients of contact information (i.e. Web applications).

The following code illustrates how to obtain contact information from a user's address book:

        var intent = new Intent({ action:   "http://intents.w3.org/pick",
                                  type:     "http://intents.w3.org/type/contact",
                                  extras:   { fields: ["displayName", "emails"] }});
        navigator.startActivity(intent, contactsOK, contactsFail);

        function contactsOK (contacts) {
            // iterate over the array of contacts to do something useful with them
        }
        function contactsFail (err) {
            // display an error to the user
        }
      

When the above code is run, the user would typically be prompted by her user agent to select a service able to pick a contact (there may be several such services, if she has multiple address book sources). Upon selecting a service, she will be presented with an interface enabling her to choose what contact information is returned to the Web application. Upon completing her choice, the contacts data would be returned to the Web application in the contactsOK callback.

There is only one single conformance requirement placed upon the user agent product: a user agent MUST support Web Intents [[!WEBINTENTS]].

The conformance criteria in this specification apply to a single product: the contact service which exposes a Web Intent service that handles Pick Contact Intents as defined in this specification.

The data returned by the contact service is described in this specification using [[!WEBIDL]]. When this data is provided using JavaScript, then the contact service MUST do so in a manner consistent with the ECMAScript Bindings defined in the Web IDL specification.

Security and Privacy Considerations

The Intent defined in this specification can be used to find contact information from a user's address books. This discloses information related to a user's contacts such as their phone numbers, email addresses and other personally identifying information. The distribution of this information could potentially compromise the user's privacy, or the user's contacts' privacy. A conforming implementation of this specification should provide a mechanism that protects the user's privacy and this mechanism should ensure that no contact information is retrievable without the user's express permission.

Privacy considerations for implementers of the Pick Contacts Intent

A contact service should not provide contact information to Web sites without the express permission of the user. Obtaining the user's express permission to access a set of contacts does not imply that the user has granted permission for the same Web site to access more contact information. A contact service should take great care to ensure that the user can clearly see which information is about to be shared, and must not share more information than has been requested by the Web application.

A user agent may have prearranged trust relationships with a specific contact service that do not require such user interaction.

Privacy considerations for recipients of contact information

Web sites operators that retrieve contacts information using this Intent are denoted as recipients below.

Recipients should only request contact information when necessary, and only use the contact information for the task for which it was provided to them.

Recipients should dispose of contact information once that task is completed, unless expressly permitted to retain it by the user. Recipients should also take measures to protect this information against unauthorised access. If contact information is stored, users should be allowed to update and delete this information.

The recipient of contact information should not retransmit the contact information without the user's express permission. Care should be taken when retransmitting and use of encryption is encouraged.

Recipients should clearly and conspicuously disclose the fact that they are collecting contact data, the purpose of the collection, how long the data is retained, how the data is secured, how the data is shared if it is shared, how users can access, update and delete the data, and any other choices that users have with respect to the data. This disclosure should include an explanation of any exceptions to the guidelines listed above.

Note that even if a user gives permission to share their contact information this can have serious privacy implications for those parties whose contacts are shared, as they may not wish such sharing to occur. This should be considered by Web applications when requesting and using such information.

Additional implementation considerations

Further to the requirements listed in the previous section, implementers of a user agents are also advised to consider the following aspects that can negatively affect the privacy of their users: in certain cases, users can inadvertently grant permission to disclose their contacts to Web sites. In other cases, the content hosted at a certain URL changes in such a way that the previously granted contact permissions no longer apply as far as the user is concerned. Or the users might simply change their minds.

Predicting or preventing these situations is inherently difficult. Mitigation and in-depth defensive measures are a user agent's responsibility and not prescribed by this specification. However, in designing these measures, implementers are advised to enable user awareness of information sharing, and to provide easy access to user interfaces that enable revocation of permissions that Web applications have to access this Intent.

Intent Description

The action for this Intent is http://intents.w3.org/pick.

The type for this Intent is http://intents.w3.org/type/contact.

When a contact service is matched for delivery using these action and type, it MUST respond in one of two ways:

Intent Extras

The Pick Contact Intent can be instantiated with an extras field that adheres to the following dictionary.

The ContactIntentExtras dictionary

The ContactIntentExtras dictionary describes the options that can be applied to contact searching.

DOMString search
A string which provides a hint to the contact service to facilitate contacts selection by the user. The exact manner in which this hint is exploited is entirely up to the contact service.
unsigned long limit
By default a contact service MAY return as many contacts as the user selects. If limit is specified, the contact service MUST NOT return more than limit contacts. The contact service SHOULD enforce this limitation in the user interface that it exposes.
sequence<DOMString> fields
An array of field names corresponding to the name of the fields in the Contact dictionary that the Web application is requesting from the contact service. The contact service MUST NOT return defined fields on the contact objects that it provides other than those present in this list. If a field name is provided that the contact service does not recognise as a field of the Contact dictionary, then it MUST ignore it.

Data Format

Upon successful invocation, the contact service MUST return an array of Contact dictionaries.

The Contact dictionary

The Contact dictionary captures the properties of a contact object. All properties included in this interface have a corresponding definition in [[POCO-SCHEMA]], [[RFC2426]] (also known as vCard), and [[OMA-CAB]], thereby allowing the data format to be supported across implementations supporting these various contact representations.

Additional attributes MAY be included according to the provisions detailed in Extended Contact Properties and Parameters.

DOMString id
A globally unique identifier for the given Contact object.
DOMString displayName
This attribute contains the name of this Contact in a form that is suitable for display to the user.
ContactName name
This attribute represents the full name of this Contact indicated by the name components associated with the ContactName dictionary.
DOMString nickname
This attribute contains the nickname (or a casual name) for this Contact.
sequence<ContactField> phoneNumbers
This attribute captures one or more phone numbers associated with this Contact.
sequence<ContactField> emails
This attribute represents one or more email addresses associated with this Contact.
sequence<ContactAddress> addresses
This attribute represents one or more physical addresses associated with this Contact.
sequence<ContactField> ims
This attribute represents one or more instant messaging identifiers associated with this Contact.
sequence<ContactOrganization> organizations
This attribute represents one or more organisations associated with this Contact.
Date birthday
This attribute contains birthday of this Contact. The contact service MAY set the year value to 0000 when the age of the Contact is private or the year is not available.
DOMString note
This attribute contains the personal notes (free-text) for this Contact that is managed by the user of the address book.
sequence<ContactField> photos

This attribute represents one or more photos associated with this Contact.

The photos MUST be specified in the value attribute of the ContactField object by using a URL pointing to an image resource. The data: URI scheme may be used in order to provide inline data.

A contact service SHOULD NOT use this attribute to send down arbitrary photos taken by this user, but specifically profile photos of the contact suitable for display when describing the contact.

sequence<DOMString> categories
This attribute contains one or more user-defined categories/tags/labels associated with this Contact. e.g. "family", "favourite", "cryptozoologists".
sequence<ContactField> urls

This attribute represents one or more URLs associated with this Contact e.g. personal web page, blog.

The ContactName dictionary

The ContactName dictionary describes a contact's name in detail.

DOMString familyName
This attribute contains the family name (also referred to as the last name) of this Contact.
DOMString givenName
This attribute contains the given name (also referred to as the first name) of this Contact.
DOMString middleName
This attribute contains the middle name of this Contact.
DOMString honorificPrefix
This attribute contains the honorific prefix (or title) of this Contact. E.g. Mr., Dr., Ms., Mrs.
DOMString honorificSuffix
This attribute contains the honorific suffix of this Contact. E.g. Jr., III, Sr.

The ContactField dictionary

The ContactField dictionary is a reusable component that is used to capture contact fields of the Contact dictionary that have some modicum of structure.

DOMString type
This attribute contains the type information for this ContactField and its content varies subject to the contact property this ContactField is representing. For example, if the ContactField is representing a phoneNumber property, the type attribute can be set to home, mobile; if the ContactField is representing the ims property, the type attribute could be set to xmpp, irc, bbm, etc.
DOMString value
This attribute contains the value for this ContactField and its content varies subject to the contact property this ContactField is representing. For example, if the ContactField is representing an email, the value attribute could be set to JoeSmith@example.com, and if the ContactField is representing a url, the value attribute can be set to http://www.example.org/joesmith, etc.
boolean pref
This attribute indicates whether this instance of the ContactField is the preferred, or primary, value for the contact property this ContactField is representing in the Contact interface. By default, the value is false.

The ContactAddress dictionary

The ContactAddress dictionary is a reusable component that is used to capture addresses within the Contact dictionary.

boolean pref
This attribute indicates whether this instance of the ContactAddress is the preferred, or primary, value for the contact. By default, the value is false.
DOMString type
This attribute contains the type of address this object is representing (e.g. work, home, premises, etc).
DOMString streetAddress
This attribute contains the street address corresponding to this ContactAddress.
DOMString locality
This attribute contains the locality (or city) name corresponding to this ContactAddress.
DOMString region
This attribute contains the region (or state/province) name corresponding to this ContactAddress.
DOMString postalCode
This attribute contains the postal code (or zip) corresponding to this ContactAddress.
DOMString country
This attribute contains the country name corresponding to this ContactAddress.

The ContactOrganization dictionary

The ContactOrganization dictionary is a reusable component that is used to support contact organisations within the Contact dictionary.

boolean pref
This attribute indicates whether this instance of the ContactOrganization is the preferred, or primary, value for the contact. By default, the value is false.
DOMString type
This attribute contains the type of organisation this object is representing.
DOMString name
The name of the organisation.
DOMString department
The department within which this Contact works.
DOMString title
The job title that the Contact holds inside this organisation.

The ContactError dictionary

If the contact service encounters an error then it MUST return an error (through postFailure()) using the ContactError dictionary.

DOMString message
A message describing the error.

Extended Contact Properties and Parameters

A contact service MAY extend the dictionaries described in in the Data Formats section with additional fields. If providing an extended field, a contact service MUST prefix its name with X (U+0058 LATIN CAPITAL LETTER X) or use a vendor-specific prefix.