The Platform for Privacy Preferences (P3P)AgendaPrivacy EnvironmentSlide 4Slide 5Slide 6Slide 7P3P - BackgroundSlide 9Slide 10P3P - SpecificationP3P - Specification strengthsSlide 13Slide 14Slide 15P3P - Specification weaknessSlide 17P3P - ImprovementP3P Policy EditorsOutlineEditing ToolsEvaluation CriteriaSlide 23IBM P3P Policy EditorIBM P3P Policy Editor Defining Data Collection PracticesIBM P3P Policy EditorIBM P3P Policy Editor Defining New Data StructuresIBM P3P Policy Editor CorrectnessIBM P3P Policy Editor ConsistencyIBM P3P Policy Editor CompletenessIBM P3P Policy Editor Viability in IndustryYOUpowered.com Consumer Trust Policy EditorYOUpowered.comYOUpowered.com CorrectnessYOUpowered.com CompletenessYOUpowered.com ConsistencyYOUpowered.com Viability in IndustryPrivacyBot.comPIMS P3P Policy WizardSlide 40Slide 41Design RecommendationsSlide 43Slide 44Slide 45What does this mean for P3P?Future of P3P EditorsP3P User AgentsSlide 49Evaluation Criteria: Policy What is the tool intended to do?Slide 51Evaluation Criteria: Technical Design ImplicationsSlide 53Evaluation Criteria: Business Effected PartiesSlide 55Internet Explorer 6Internet Explorer 6: Policy What is the tool intended to do?Internet Explorer 6: Technical Design ImplicationsSlide 59Internet Explorer 6: Business Effected PartiesSlide 61Orby Privacy PlusOrby Privacy Plus: Policy What is the tool intended to do?Slide 64Slide 65Orby Privacy Plus: Technical Design ImplicationsSlide 67Orby Privacy Plus: Business Effected PartiesSlide 69Privacy MinderPrivacy BankUser Agent RecommendationsSlide 73Slide 74Slide 75The Future…ConclusionSlide 7810 May 2001 Platform for Privacy Preferences1The Platform for Privacy Preferences (P3P)Katherine KochMatt TaylorStanley Trepetin10 May 2001Platform for Privacy Preferences2AgendaPrivacy EnvironmentP3P SpecificationPrivacy Policy EditorsUser AgentsConclusion10 May 2001Platform for Privacy Preferences3Privacy EnvironmentOnline privacy key: 1999 Survey: 92% of Americans concerned about privacy threats when interacting online. Websites collect information and consumers willing to provide it for certain benefits.10 May 2001Platform for Privacy Preferences4Privacy EnvironmentInternet is unstable:–Poor data quality.–Organizational problems.–Security problems.–No (or difficult to read) notification.10 May 2001Platform for Privacy Preferences5Privacy EnvironmentResulting problems:–Annoyance.–Embarrassment.–Discrimination.All are unexpected.10 May 2001Platform for Privacy Preferences6Privacy EnvironmentResponses:–Social: opt-out–Technical: cookie managers, encryption, etc–Legislative:Numerous proposed bills in US (and some passed).Considerable protection in EU.10 May 2001Platform for Privacy Preferences7Privacy EnvironmentInsufficient:–Social: opt-out costly.–Technical: technology incompatible or not widespread.–Legislative: Sectoral in US.Enforcement lax in EU.10 May 2001Platform for Privacy Preferences8P3P - BackgroundP3P solves prior problems:–Essentially opt-in Preference-based decision-making.–Economic and technical issues:Widespread: integrated into MS Internet Explorer 6.Standard (i.e. standardized) specification.10 May 2001Platform for Privacy Preferences9P3P - BackgroundP3P solves prior problems (cont):–P3P works with all industries via enforceable privacy policies.Toysmart.com vs. FTC.–Privacy policies: created from consumer and government demand. However, “Notice-based” legislation is needed to ensure creation of policies.10 May 2001Platform for Privacy Preferences10P3P - BackgroundPrivacy policy maker creates policy.–Including optional human readable privacy policy.Consumers (via user agents): specify preferences, parse policy, and decide how to proceed.10 May 2001Platform for Privacy Preferences11P3P - Specification<POLICY xmlns="http://www.w3.org/2000/12/P3Pv1" discuri="http://www.catalog.example.com/PrivacyPracticeBrowsing.html"> <ENTITY> <DATA-GROUP> <DATA ref="#business.name">CatalogExample</DATA> <DATA ref="#business.contact-info.postal.street">4 Main St.</DATA> <DATA ref="#business.contact-info.postal.city">Birmingham</DATA> <DATA ref="#business.contact-info.postal.stateprov">MI</DATA> <DATA ref="#business.contact-info.postal.postalcode">48009</DATA> </DATA-GROUP> </ENTITY> <ACCESS><nonident/></ACCESS> <DISPUTES-GROUP> <DISPUTES resolution-type="independent" service="http://www.PrivacySeal.example.org" short-description="PrivacySeal.example.org"> <REMEDIES><correct/></REMEDIES> </DISPUTES> </DISPUTES-GROUP> <STATEMENT> <PURPOSE><admin/><develop/></PURPOSE> <RECIPIENT><ours/></RECIPIENT> <RETENTION><stated-purpose/></RETENTION> <DATA-GROUP> <DATA ref="#dynamic.clickstream"/> </DATA-GROUP> </STATEMENT></POLICY>10 May 2001Platform for Privacy Preferences12P3P - Specification strengthsRobust notice: policy-wide:–Human readability: short and long descriptions.–New policies don’t apply to “old” data w/o consent.10 May 2001Platform for Privacy Preferences13P3P - Specification strengthsRobust notice: data-specific:–PURPOSE - reason for data collection.–RECIPIENT – destination.–RETENTION – longetivity depends on purpose.10 May 2001Platform for Privacy Preferences14P3P - Specification strengthsACCESS to data.Enforcement: DISPUTES statement (e.g. applicable court, law, etc)10 May 2001Platform for Privacy Preferences15P3P - Specification strengthsDevelopment optimization: Compact Policies for cookies. Flexible vocabulary: Can handle new types of monitoring technologies.10 May 2001Platform for Privacy Preferences16P3P - Specification weaknessNotice weakness:–No multiple policies per person or across individuals.10 May 2001Platform for Privacy Preferences17P3P - SpecificationNo assurance that policies are being followed. No security standards.10 May 2001Platform for Privacy Preferences18P3P - ImprovementMultiple privacy policies.10 May 2001 Platform for Privacy Preferences19P3P Policy EditorsUtilities for drafting Specification-Compliant P3P Policies10 May 2001Platform for Privacy Preferences20OutlineWhat P3P editing tools are currently available?What criteria should we use to evaluate these tools?What insight do these evaluations provide designers of future tools?What role does this play in P3P’s future?10 May 2001Platform for Privacy