Prior work (e.g. http://www.cs.unc.edu/~fabian/papers/foniks-oak11.pdf) has shown that you can recreate the plain text content of an encrypted, DTLS-encoded audio conversation, based on patterns in packet size, frequency, etc. The fine-level network information exposed by this API seems to be sufficient to re-carry out this attack. If this is needed for analysis / quality control / etc. use, the API should limit it to these special cases (additional permission, for example).
This is largely irrelevant for unprotected MediaStreamTracks, where the JS already has access to the plain text content, but may be relevant for isolated streams - stats concerning those may need to be hidden.
Best practice in native messenger apps seems to be to allow or default to constant bitrate mode in Opus to protect against these attacks. I think this is a more general solution to the bigger problem than just gating the stats.
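One way an application could ask for the constant bitrate mode mentioned in the comment above, shown as an added example that is not part of the issue thread or any project's code. It assumes the Opus `cbr` format parameter from RFC 7587 is carried in the SDP and honoured by the sending endpoint; `requestOpusCbr` and `SAMPLE_SDP` are hypothetical names, and the SDP fragment is constructed.

```javascript
// Added example (not from the issue thread). Rewrites an SDP so every Opus
// payload type carries "cbr=1", the RFC 7587 parameter asking the sender
// for constant bitrate. Whether a given endpoint honours it is an assumption
// to verify against packet sizes on the wire.
function requestOpusCbr(sdp) {
  const eol = sdp.includes("\r\n") ? "\r\n" : "\n";
  const lines = sdp.split(/\r?\n/);
  const opusPts = new Set(); // payload types mapped to Opus
  const hasFmtp = new Set(); // Opus payload types that already have a=fmtp
  for (const line of lines) {
    const rtpmap = /^a=rtpmap:(\d+) opus\/48000/i.exec(line);
    if (rtpmap) opusPts.add(rtpmap[1]);
  }
  for (const line of lines) {
    const fmtp = /^a=fmtp:(\d+) /.exec(line);
    if (fmtp && opusPts.has(fmtp[1])) hasFmtp.add(fmtp[1]);
  }
  const out = [];
  for (const line of lines) {
    const fmtp = /^a=fmtp:(\d+) (.*)$/.exec(line);
    if (fmtp && opusPts.has(fmtp[1])) {
      // Drop any existing cbr setting (e.g. cbr=0), then force cbr=1.
      const params = fmtp[2].split(";").map((p) => p.trim())
        .filter((p) => p && !/^cbr=/i.test(p));
      params.push("cbr=1");
      out.push(`a=fmtp:${fmtp[1]} ${params.join(";")}`);
      continue;
    }
    out.push(line);
    const rtpmap = /^a=rtpmap:(\d+) opus\/48000/i.exec(line);
    if (rtpmap && !hasFmtp.has(rtpmap[1])) {
      out.push(`a=fmtp:${rtpmap[1]} cbr=1`); // Opus with no fmtp line yet
    }
  }
  return out.join(eol);
}

// Constructed sample SDP fragment, for illustration only.
const SAMPLE_SDP = [
  "v=0",
  "m=audio 9 UDP/TLS/RTP/SAVPF 111 63 0",
  "a=rtpmap:111 opus/48000/2",
  "a=fmtp:111 minptime=10;useinbandfec=1;cbr=0",
  "a=rtpmap:63 red/48000/2",
  "a=fmtp:63 111/111",
  "a=rtpmap:0 PCMU/8000",
  "",
].join("\r\n");
```

If `usedtx=1` is also negotiated, silence suppression still changes packet cadence, so constant bitrate alone does not flatten the timing signal.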
From w3c/webrtc-stats#699 and w3c/webrtc-stats#550, the following concern was raised:
This is largely irrelevant for unprotected MediaStreamTracks, where the JS already has access to the plain text content, but may be relevant for isolated streams - stats concerning those may need to be hidden.