P3P: Platform for Privacy PreferencesWhat is P3P?Who created P3P?Why was P3P created?How does P3P work?Slide 6P3P Policies Include:Purpose Specifications:What P3P AccomplishesWhat P3P Does NOT AccomplishControversy over P3PControversy over P3PSupport for P3PCriticism of P3PMore Criticism of P3PBasic ConflictUniversal AgreementP3P:P3P:Platform for Privacy Platform for Privacy PreferencesPreferencesCharlin LuSensitive Information in a Wired WorldNovember 11, 2003What is P3P?What is P3P?The Platform for Privacy Preferences is a standard, computer-readable format for privacy policies and a protocol allowing web browsers and other tools to read and process privacy policies automatically.Who created P3P?Who created P3P?World Wide Web Consortium (W3C) – a nonprofit, industry-supported consortium including researchers and engineers from over 420 institutions.Participants in the development of P3P came from around the world, including representatives from industry, government, nonprofit organizations, and academia.Why was P3P created?Why was P3P created?To increase consumer trust.“If the ability to spend is the fuel that propels the economic engine, then consumers’ trust and confidence in that engine is the lubricant.” To protect privacy by allowing informed choice.Privacy is the ability of individuals to exercise control over the disclosure and subsequent uses of their personal information. Hence notice is fundamental to the individual’s ability to protect his or her privacy. To make choice easy.Privacy policies are difficult and time-consuming to locate, to read, and to understand; and they change frequently without notice.How does P3P work?How does P3P work?1. User sets personal privacy preferences on a tool such as a browser.How does P3P work?How does P3P work?2. Browser requests privacy policy from a (P3P-compliant) Web site.3. Browser compares the privacy policy with the user’s privacy preferences and acts accordingly. (Symbols, pop-up prompts, etc.)P3P Policies Include:P3P Policies Include:Who is collecting this data?What information is being collected?For what purpose?Which information is being shared with others?Who are these data recipients?Can users access their identified data?Can users make changes in how their data is used?What is the policy for retaining data?How are disputes resolved?Where can the detailed policies be found?Purpose Specifications:Purpose Specifications:Completion and support of activity for which data was providedWeb site and system administrationResearch and developmentOne-time tailoringPseudonymous analysisPseudonymous decisionIndividual analysisIndividual decisionContacting visitors for marketing of services or productsHistorical preservationContacting visitors for marketing of services or products via telephoneOther purposeWhat P3P AccomplishesWhat P3P AccomplishesMakes privacy notices easy to locate and easy to understand. Allows users to specify their privacy preferences once so that they can be automatically compared to a web site’s privacy policy. Assists users in making decisions about when to disclose personal information, how much, and to whom.What P3P Does NOT What P3P Does NOT Accomplish Accomplish Does NOT replace privacy regulations.Can NOT protect the privacy of users in jurisdictions with insufficient data privacy laws.Can NOT ensure the companies or organizations follow their stated privacy policies.“P3P does not protect privacy, in and of itself. It does, however, help create a framework for informed choice on the part of consumers. Any efficacy that P3P has is dependent upon the substantive privacy rules established through other processes – be they a result of regulatory, self-regulatory, or public pressure.”Controversy over P3P Controversy over P3P “In the context of proper legislation, P3P is the most promising solution to cyberspace privacy. It will make it easy for companies to explain their practices in a form that computers can read, and make it easy for consumers to express their preferences in a way that computers will automatically respect.” – Professor Lawrence Lessig, Stanford Law School.Controversy over P3PControversy over P3PP3P is:a) Pretty Poor Privacy, b) a Pretext for Privacy Procrastination, andc) “a tacit acceptance of the great increase in the tracking and monitoring of our minor activities that take place over the Web.” – Karen Coyle, Information Technology Specialist, University of CaliforniaSupport for P3PSupport for P3PProvides notice and consentPromotes transparency and accountability IntuitiveFlexible and globalWorthwhile processCriticism of P3PCriticism of P3PLack of enforcementUsed as a procrastination toolUnclear legal consequencesImportance of default settingsUnable to maintain current experience Expensive to implement and maintainOverly broad and vague purpose specificationsUltimatum-style communicationMore Criticism of P3PMore Criticism of P3PConsumer and business confusionRejected by the European UnionLack of actual choiceAssumes the need to gather informationDoes not address third party data collectionLack of control over an irreversible choiceBasic ConflictBasic ConflictWhat is the real problem?Lack of knowledge about how information will be used? ORThe gathering of the data itself?Universal AgreementUniversal AgreementEnforcement mechanisms are needed. “A technical platform for privacy protection…must be applied within the context of a framework of enforceable data protection rules, which provide a minimum and non-negotiable level of privacy protection for all individuals. Use of P3P in the absence of such a framework risks shifting the onus primarily onto the individual user to protect himself” – European Commission,
View Full Document