From b2f9ac281b55711f7fac0126c588eeef8862e7aa Mon Sep 17 00:00:00 2001 From: Don Marti Date: Thu, 28 Apr 2022 08:09:26 -0700 Subject: [PATCH 1/2] Default to off for high risk contexts Publishers will need to check pages for level of user risk before activating. Set the permission policy to default off, so that high risk tracking is less likely to happen accidentally before this review. See https://github.com/patcg/private-measurement/issues/6 --- EVENT.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/EVENT.md b/EVENT.md index fba48e1735..9ab30dcc0f 100644 --- a/EVENT.md +++ b/EVENT.md @@ -217,8 +217,8 @@ Policy](https://w3c.github.io/webappsec-permissions-policy/): ``` -The API will be enabled by default in the top-level context and in same-origin -children. Any script running in these contexts can declare a source with any +The API will be diabled by default so that web site authors can turn it on only for pages +where it presents an acceptable level of risk. Any script running in these contexts can declare a source with any reporting origin. Publishers who wish to explicitly disable the API for all parties can do so via an [HTTP header](https://w3c.github.io/webappsec-permissions-policy/#permissions-policy-http-header-field). From e4a90f449aaab469b49e69bc4826c3799f4d34f6 Mon Sep 17 00:00:00 2001 From: Don Marti Date: Thu, 28 Apr 2022 15:16:02 -0700 Subject: [PATCH 2/2] Update EVENT.md Co-authored-by: Andrew Paseltiner --- EVENT.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/EVENT.md b/EVENT.md index 9ab30dcc0f..2b607f26ce 100644 --- a/EVENT.md +++ b/EVENT.md 
@@ -217,7 +217,7 @@ Policy](https://w3c.github.io/webappsec-permissions-policy/): ``` -The API will be diabled by default so that web site authors can turn it on only for pages +The API will be disabled by default so that web site authors can turn it on only for pages where it presents an acceptable level of risk. Any script running in these contexts can declare a source with any reporting origin. Publishers who wish to explicitly disable the API for all parties can do so via an [HTTP
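Review bot: In the [PATCH 1/2] hunk, the unchanged sentence "Any script running in these contexts can declare a source with any reporting origin" loses its antecedent. "These contexts" used to mean the top-level context and same-origin children named in the removed lines, and the new text names no contexts at all. Reword it to say which contexts qualify once a page has opted in. The next context sentence, "Publishers who wish to explicitly disable the API for all parties can do so via an HTTP header", also reads oddly now that the API is off by default. With this change, the guidance publishers need is how to enable the feature for reviewed pages, so that sentence should be revised in the same hunk. The added line also contains the typo "diabled".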
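Review bot: In the [PATCH 2/2] hunk, the corrected "+" line still runs well past the column at which the surrounding context lines are wrapped, as does the "where it presents an acceptable level of risk. ..." line after it. Rewrap both to match the rest of EVENT.md. Since this commit only fixes the "diabled" spelling introduced in 1/2, consider squashing it into that commit so the typo never lands in history.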