The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
SEARCH | ABOUT | INDEX | NEWS | CORE STANDARDS | TECHNOLOGY REPORTS | EVENTS | LIBRARY
SEARCH
Advanced Search
ABOUT
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

NEWS
Cover Stories
Articles & Papers
Press Releases

CORE STANDARDS
XML
SGML
Schemas
XSL/XSLT/XPath
XLink
XML Query
CSS
SVG

TECHNOLOGY REPORTS
XML Applications
General Apps
Government Apps
Academic Apps

EVENTS
LIBRARY
Introductions
FAQs
Bibliography
Technology and Society
Semantics
Tech Topics
Software
Related Standards
Historic
Last modified: June 18, 2004
Platform for Privacy Preferences (P3P) Project

[April 27, 2004] The Platform for Privacy Preferences 1.1 (P3P1.1) Specification. W3C [Second] Working Draft. 27-April-2004. Edited by Rigo Wenning (W3C/ERCIM). "This document, along with its normative references, includes all the specification necessary for the implementation of interoperable P3P 1.1 applications. P3P 1.1 is based on the P3P 1.0 Recommendation and adds some features using the P3P 1.0 Extension mechanism. It also contains a new binding mechanism that can be used to bind policies for XML Applications beyond HTTP transactions."

[February 12, 2004]   W3C Releases Platform for Privacy Preferences (P3P) Version 1.1.    W3C's P3P Specification Working Group has published a First Public Working Draft of The Platform for Privacy Preferences 1.1 (P3P1.1) Specification. This document, along with its normative references, includes all the specification necessary for the implementation of interoperable P3P 1.1 applications. P3P simplifies and automates the process of reading Web site privacy policies, promoting trust and confidence in the Web. P3P version 1.1 is based on the P3P 1.0 Recommendation and adds some features using the P3P 1.0 Extension mechanism. It also contains a new binding mechanism that can be used to bind policies for XML Applications beyond HTTP transactions." New features in P3P 1.1 were developed from suggestions that emerged in a Workshop in Dulles/Virginia and a Workshop in Kiel/Germany. "All new features are built using P3P's own Extension mechanism, defined in version 1.0. Those extensions are contained in a new XML Schema in Appendix 5 and carry their own new namespace. All P3P 1.0 components preserve their old namespace; additionally, the version 1.1 Working Draft contains all the errata to P3P 1.0.

[December 04, 2001] The Platform for Privacy Preferences Project (P3P) "enables Web sites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. The P3P1.0 specification defines the syntax and semantics of P3P privacy policies, and the mechanisms for associating policies with Web resources. P3P policies consist of statements made using the P3P vocabulary for expressing privacy practices. P3P policies also reference elements of the P3P base data schema -- a standard set of data elements that all P3P user agents should be aware of. The P3P specification includes a mechanism for defining new data elements and data sets, and a simple mechanism that allows for extensions to the P3P vocabulary. P3P version 1.0 is a protocol designed to inform Web users of the data-collection practices of Web sites. It provides a way for a Web site to encode its data-collection and data-use practices in a machine-readable XML format known as a P3P policy. The P3P specification defines: (1) A standard schema for data a Web site may wish to collect, known as the 'P3P base data schema' (2) A standard set of uses, recipients, data categories, and other privacy disclosures (3) An XML format for expressing a privacy policy (4) A means of associating privacy policies with Web pages or sites, and cookies (5) A mechanism for transporting P3P policies over HTTP The goal of P3P version 1.0 is twofold. First, it allows Web sites to present their data-collection practices in a standardized, machine-readable, easy-to-locate manner. Second, it enables Web users to understand what data will be collected by sites they visit, how that data will be used, and what data/uses they may 'opt-out' of or 'opt-in' to..." [from the W3C P3P version 1.0 specification 28-September-2001]

[April 30, 2003]   Call for Participation in W3C P3P and Enterprise Privacy Policy Workshop.    A call for papers has been issued in connection with the upcoming W3C Workshop on the Long Term Future of P3P and Enterprise Privacy Languages. The Workshop is hosted by the Independent Center for Privacy Protection and will be held in Kiel, Schleswig-Holstein, Germany on June 18-20, 2003. The organizers have invited position papers that "discuss either technology or policy considerations for the long-term future of P3P; papers may be based on the current P3P specification, but may also go beyond backwards compatibility to P3P 1.0. The results of this workshop will inform W3C's decision making on future P3P strategy, stimulate discussions of new developments and directions for the long-term future of P3P and privacy metadata based solutions in general and facilitate coordination with organizations engaged in related efforts." W3C also wishes to evaluate interest in enterprise privacy policy enforcement languages and to consider the relationship and/or integration of such a language with respect to P3P. The first two days of the workshop will consider any "technical problems with P3P1.0, policy goals that P3P may help address, requirements unmet by P3P1.0, and legal or policy questions that have arisen as a result of P3P implementation with a perspective on the long-term future. On the third day an EPAL session will "explore various industry use case scenarios and regulatory templates for EPAL policies and enforcement scenarios. The goal is to present EPAL capabilities in a public forum and to collect interest and feedback on the idea of a more fine grained Enterprise Privacy Language" such as the Enterprise Privacy Authorization Language developed by IBM. The P3P/Privacy Workshop has been organized under the W3C Technology and Society Domain.

[April 17, 2002]   W3C Releases Platform for Privacy Preferences (P3P 1.0) as a Recommendation.    W3C has published The Platform for Privacy Preferences 1.0 (P3P1.0) Specification as a Recommendation, signifying that it "is a stable document and may be used as reference material or cited as a normative reference from another document." The P3P specification document has been produced by the W3C P3P Specification Working Group as part of the Privacy Activity in the W3C Technology and Society Domain; contributors included "privacy advocates, Web technology leaders, data protection commissioners, and global ecommerce companies." P3P provides "a standard, simple, automated way for users to gain more control over the use of personal information on Web sites they visit. At its most basic level, P3P is a standardized set of multiple-choice questions, covering all the major aspects of a Web site's privacy policies. Taken together, the answers present a machine readable version of the site's privacy policy, a clear snapshot of how a site handles personal information about its users. P3P-enabled Web sites make this information available in a standard, machine-readable format. P3P enabled browsers can 'read' this snapshot automatically and compare it to the consumer's own set of privacy preferences. P3P enhances user control by putting privacy policies where users can find them, in a form users can understand, and, most importantly, enables users to act on what they see." W3C also published a companion working draft of A P3P Preference Exchange Language 1.0 (APPEL1.0) which "complements the P3P1.0 specification by specifying a language for describing collections of preferences regarding P3P policies between P3P agents. Using this language, a user can express her preferences in a set of preference-rules (called a ruleset), which can then be used by her user agent to make automated or semi-automated decisions regarding the acceptability of machine-readable privacy policies from P3P enabled Web sites." [Full context]

[February 13, 2002]   New W3C Platform for Privacy Preferences (P3P) Specification and Deployment Guide.    The W3C P3P Specification Working Group has released an updated Platform for Privacy Preferences 1.0 Deployment Guide as well as a 'Proposed Recommendation' version of The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. The review period for the PR specification ends on 25-February-2002. P3P version 1.0 is "a protocol designed to inform Web users of the data-collection practices of Web sites. It provides a way for a Web site to encode its data-collection and data-use practices in a machine-readable XML format known as a P3P policy. The P3P specification defines: (1) A standard schema for data a Web site may wish to collect, known as the 'P3P base data schema'; (2) A standard set of uses, recipients, data categories, and other privacy disclosures; (3) An XML format for expressing a privacy policy; (4) A means of associating privacy policies with Web pages or sites, and cookies; (5) A mechanism for transporting P3P policies over HTTP. The accompanying Guide explains what's involved in deploying P3P on a Web site, how to decide how many P3P policies to use and how to map those policies onto the Web site, different ways to publish your privacy policy, and step-by-step instructions for deploying your privacy policy on various popular Web servers." [Full context]

[February 15, 2000] The W3C P3P Specification Working Group has published a 'last call' working draft for The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. References: W3C Working Draft 11-February-2000, edited by Massimo Marchiori. Authors include: Lorrie Cranor (AT&T), Marc Langheinrich (ETH Zurich), Massimo Marchiori (W3C/MIT), Martin Presler-Marshall (IBM), and Joseph Reagle (W3C/MIT). The Last Call Ends 30-April-2000.

[July 15, 1998] The W3C has issued a second Working Draft document "Platform for Privacy Preferences (P3P) Syntax Specification." References: WD-P3P-syntax-19980702, W3C Working Draft 2-July-1998. The editors are Massimo Marchiori (W3C) and Dan Jaye (Engagetech).

[May 26, 1998] On May 19, 1998, the W3C released the first public working draft of the "Platform for Privacy Preferences (P3P) Syntax Specification." Reference: WD-P3P-Syntax-19980519, W3C Working Draft 19-May-1998. "P3P applications will enable sites to automatically declare their privacy practices in a way that is understandable to users' browsers. Privacy practices are embedded within the Web site and users can rely upon their client to ensure their privacy concerns are respected." P3P uses RDF/XML for the exchange of structured data and assertions, and Appendix 3 of the Working Draft provides several relevant DTDs. Currently, "XML elements and attributes are presently named for readability, though they may shortened to decrease the size of the encodings."

Principal References

News, Articles, Papers

  • [February 23, 2004] "Handling Privacy In WSDL 2.0." Edited by Hugo Haas (W3C). W3C Team Submission. 13-February-2004. ['This document discusses how to handly privacy in WSDL 2.0 and shows a possible solution using the P3P generic attribute and a WSDL 2.0 feature in order to express a Web service provider entity's privacy policy.'] "In the same way Web sites have privacy policies, Web services may raise privacy concerns, as shown in section 2 and 4 of J. Reagle, et al., "P3P: Beyond HTTP." Users of Web services may want to know how and for what purpose their personal data will be used before deciding to use a service. The Platform for Privacy Preferences Project (P3P) enables Web sites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. The Web Services Description Language (WSDL) 2.0 is an XML language for describing Web services. When used in combination with P3P, one can express the privacy policy of a Web service. This document proposes two ways to express and process privacy policies in WSDL 2.0. One way is to use the generic P3P attribute of the Platform for Privacy Preferences 1.1 (P3P1.1) Specification to extend a WSDL 2.0 description to attach provider entities' privacy policies. The other way is to use a WSDL 2.0 feature..."

  • [February 13, 2002] "The Platform for Privacy Preferences 1.0 Deployment Guide." W3C Note 11-February-2002. By Martin Presler-Marshall (IBM). Version URL: http://www.w3.org/TR/2002/NOTE-p3pdeployment-20020211. Previous Version URL: http://www.w3.org/TR/2001/NOTE-p3pdeployment-20011130. "The Platform for Privacy Preferences (P3P) provides a way for Web sites to publish their privacy policies in a machine-readable syntax. This guide explains how to deploy P3P on a Web site, and issues that Webmasters and content owners should consider when deploying P3P. This guide is intended for Web site administrators and owners. You can use it whether you operate your own Web server (or many of them), or are responsible for some pages on a server someone else operates. You should have some familiarity with publishing content (HTML files, images, etc.) to a Web server, but do not need to be an expert at configuring and operating Web servers. You also don't need to be a P3P expert. This guide will discuss how to go about deploying P3P. It will discuss: (1) What's involved in deploying P3P on a Web site. (2) How to decide how many P3P policies to use, and how to map those policies onto the Web site. (3) Different ways to publish your privacy policy, and the pros and cons of each. (4) Step-by-step instructions for deploying your privacy policy on various popular Web servers. The W3C maintains a list of P3P implementations which includes pointers to tools which can help with 'how to code a privacy policy in the P3P syntax'." See also the FAQ document "P3P and Privacy on the Web FAQ" and "W3C Privacy Activity Statement."

  • [June 27, 2003]   Six New Internet Drafts from the IETF Geographic Location/Privacy Working Group.    Geopriv Location Object Markup Language and Geopriv Authorization Policies are two of (at least) six new Internet Drafts published in June 2003 as candidate work by members of the IETF Geographic Location/Privacy (GEOPRIV) Working Group. This IETF WG was chartered to "assess the authorization, integrity, and privacy requirements that must be met in order to transfer such information, or authorize the release or representation of such information through an agent. Its goal is to produce a specification that has broad applicablity and will become mandatory to implement for IETF protocols that are location-aware." The draft Geopriv Location Object Markup Language document "presents a foundational version of a markup language suitable for representing the Geopriv Location Object (LO); this language is defined by means of a W3C XML schema." The Authorization Policies draft proposes the use of the XML-based XACML (Extensible Access Control Markup Language) standard to express policies for access to location information. The GEOPRIV Working Group is beginning a new phase of activity to formally define the Geopriv Location Object. [related technology]

  • [November 12, 2002] "Using P3P to Negotiate Access Rights to User Profiles " By Wolfgang Woerndl (Technische Universität München, Munich, Germany). A Position Paper prepared for the W3C Workshop on the Future of P3P (November 12-13, 2002). "This position paper demonstrates the application of P3P and APPEL in decentral management of user profiles. After a short introduction, our ideas for privacy preserving identity management are summarized... Commercial systems such as Microsoft .NET Passport or the Open Source Liberty Alliance Project are already being used or are under development. However, these applications presently lack strong privacy mechanisms. Users need to control access to their personal data. Access control based on privacy policies and preferences is an integral part of our project to decentralize user profile management... In our project Cobricks ('Bricks for community support systems'), we are exploring ideas for federated user profile management, especially to support (virtual) communities. We are interested in interoperability among systems and nevertheless preserving the privacy of personal information. In our scenario, a service agent requests user profile information from a user profile agent and the system needs to determine whether access should be granted or not. Therefore, an access control system based on the purpose and context of data accesses is needed. The proposed access control system for user profiles consists of two phases: (1) Negotiation of access rights using privacy policies and preferences, and generation of an Access Ticket; (2) Data access with the Access Ticket. The negotiation of access rights is based on P3P and APPEL. An user profile agent evaluates the access request and the P3P policy of the service with user preferences. These user preferences are APPEL rules with some extensions to faciliate access control principles such as access modes (e.g., 'read' or 'write'). If the user profile agent cannot reach a decision, user interaction may be necessary. The result of this semi-automatic negotiation process is an Access Ticket (AT). The Access Ticket is a XML document that manifests the access rights of a certain service to the user profile information. The AT is digitally signed by the user profile agent or ID Repository on behalf of the user and must be presented by the service with each data access... The Access Tickets are similar to other XML based access control approaches such as XML Access Control Markup Language (XACML), but tailored for user profil data access. In our project and possibly related work such as the Liberty Alliance Project or eXtensible Name Service (XNS), P3P and APPEL are used (or could be used) to determine access rights to personal information..." A more detailed presentation is given in "Community Support and Identity Management."

  • [November 12, 2002] "Why is P3P Not a PET?" By Ruchika Agrawal (Electronic Privacy Information Center - EPIC). A Position Paper prepared for the W3C Workshop on the Future of P3P (November 12-13, 2002). "This paper identifies a broad definition and necessary requirements of privacy-enhancing technologies (PETs), provides examples of effective PETs, questions why P3P does not satisfy the definition of PETs, and finally, raises other concerns about P3P. Privacy-enhancing technologies are protocols, standards, and tools that directly assist in protecting privacy, minimizing the collection of personally identifiable information, and when possible, eliminating the collection of personally identifiable information... Blind signatures are an extension of digital signatures. Digital signatures simply ensure authentication, while blind signatures ensure authentication of individuals without identification. One-way functions provide the mathematical foundation for blind signatures, ensuring that the identity of the individual signer cannot be computed in a reasonable amount of time. One application employing blind signatures is the use of "digital cash", which is analogous to the use of hard cash in that it cannot identify the spender while the service provider is assured of the transaction's authenticity. Blind signatures serve as a good example of an effective PET, since blind signatures eliminate the collection of personally identifiable information... P3P fails as a privacy-enhancing mechanism because P3P does not aim at protecting personal identity, does not aim at minimizing the collection of personally identifiable information, and is on a completely different trajectory than the one prescribed by the definition of PETs. P3P provides no genuine privacy protection: instead of being used to minimize the collection of personally identifiable information, P3P can easily be used to obtain data from consumers by facilitating the collection of personal information through the guise of notice and choice..."

  • [November 12, 2002] "A Technical Analysis of Problems With P3P v1.0 and Possible Solutions." By Giles Hogben (Joint Research Center of the European Commission). A Position Paper prepared for the W3C Workshop on the Future of P3P (November 12-13, 2002). "This paper represents the views of the Joint Research Center of the European Commission and has been endorsed in general terms by a meeting of the Internet Task Force of the EU Article 29 working group. The paper discusses problem areas in P3P 1.0 and proposes possible solutions. It focuses on P3P's relationship with EU law but also covers all issues we feel should be given priority. It is divided into a section on short-term issues and an annex on longer-term issues. We discuss a group of issues relating to addressing the potential mismatch between 'promise and practice', which we see as a fundamental problem in P3P1.0. These issues include a taxonomy of security measures, use of digital signatures to provide non-repudiatability and last but not least, an outline architecture for the use of P3P in audit trail systems to provide a check on actual practices... A principle problem for P3P is that if a company's practices contravene its stated privacy policy, there is little technical framework to prove that a company made the statements which may have existed on its server at a given time. I.e., it is too easy for a company to repudiate its policy. While P3P does increase the level of trust felt by consumers by providing more transparent and unambiguous information, it does not however provide any assurance as to the authenticity and integrity of this information... XML signatures offer an ideal solution to the problem of making a policy at a given URI non-repudiatable. XML signatures provide the opportunity to introduce assertions such as "X assures the content of this document" into the semantics of signed material. Also since P3P is entirely expressed in XML, it is pragmatic to use the XML version of asymmetric digital signatures to provide this assurance... We examine and build upon the proposals of Reagle for the inclusion of XML digitally signed policies within P3P. As Reagle has already set out most of the mechanisms for achieving this, we make only three minor additions to the technical specification. Our main aim is to look at possible technical problems with the use of the XML signature extension, and their solutions... P3P enabled servers could have the possibility of providing an XML digital signature as part of their policy, or as a separate document referenced within the policy. This is easily accomplished provided that the correct syntax is incorporated into the P3P specification..."

  • [December 05, 2001]   W3C Publishes Updated Platform for Privacy Preferences 1.0 Deployment Guide.    A new release of the W3C's Platform for Privacy Preferences 1.0 Deployment Guide is designed to help web site operators "deploy the Platform for Privacy Preferences (P3P) on their sites, and provides information on the tasks required." The Platform for Privacy Preferences (P3P) defines a way for Web sites to publish their privacy policies in a machine-readable syntax. Relevant XML Schemas and XML DTDs are presented in the appendices of the P3P 1.0 working draft specification, published September 28, 2001. A Web site will deploy P3P in order to make its privacy practices more transparent to the site's visitors. A visitor's Web browser can download the machine-readable privacy statements, and compare the contents of those statements to the user4s preferences. This way, the user4s browser can automatically notify the user when they visit a site whose practices match the user4s preferences. or warn the user if the practices and preferences don't match... A P3P policy file contains a description of data collection, use, and sharing practices; it does not, however, declare what that policy applices to. P3P uses a separate file, called a policy reference file, to list the P3P policies in use at a site (or portion of a site), and what portions of the site and what cookies are covered by each policy." [Full context]

  • [September 28, 2001] The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. W3C Working Draft 28-September-2001. Version URL: http://www.w3.org/TR/2001/WD-P3P-20010928. Latest Public Version URL: http://www.w3.org/TR/P3P/. Previous Version URL: http://www.w3.org/TR/2001/WD-P3P-20010924. Edited by Massimo Marchiori (W3C/MIT/UNIVE). Authored by Lorrie Cranor (AT&T), Marc Langheinrich (ETH Zurich), Massimo Marchiori (W3C/MIT/UNIVE), Martin Presler-Marshall (IBM), and Joseph Reagle (W3C/MIT). This Platform for Privacy Preferences (P3P) document, together with its normative references, "includes all the specification necessary for the implementation of interoperable P3P applications." XML Schemas and DTDs are presented in the appendices: Normative Appendix 3: 'P3P base data schema Definition' presents the XML schema corresponding to the P3P base data schema; Normative Appendix 4: 'XML Schema Definition' provides the XML schema for P3P policy reference files, for P3P policy documents, and for P3P data schema documents; Non-normative Appendix 5: 'XML DTD Definition' contains the XML DTD for policy documents and for data schemas.

  • [September 28, 2001] Schemas/DTDs for P3P version 1.0 specification 28-September-2001, separate files: (1) P3P 1.0 XML Schema definition for Base Data Structures, cache; (2) P3P 1.0 XML Schema Definition, cache; (3) P3P 1.0 XML DTD Definition, cache.

  • [December 05, 2001] "The Platform for Privacy Preferences 1.0 Deployment Guide." W3C Note 30-November-2001. Author/Editor: Martin Presler-Marshall (IBM). This release updates the version of 2001-07-24. Version URL: http://www.w3.org/TR/2001/NOTE-p3pdeployment-20011130. Latest VersionURL: http://www.w3.org/TR/p3pdeployment. "This is a guide to help site operators deploy the Platform for Privacy Preferences (P3P) on their site. It provides information on the tasks required, and gives guidance on how to best complete them. The Platform for Privacy Preferences (P3P) provides a way for Web sites to publish their privacy policies in a machine-readable syntax... A Web site will deploy P3P in order to make its privacy practices more transparent to the site's visitors. P3P defines a way for sites to publish statements of their privacy practices in a machine-readable format. A visitor's Web browser can then download those machine-readable privacy statements, and compare the contents of those statements to the user's preferences. This way, the user's browser can automatically notify the user when they visit a site whose practices match the user4s preferences - or warn the user if the practices and preferences don't match... A P3P policy file contains a description of data collection, use, and sharing practices. It does not, however, declare what that policy applices to. P3P uses a separate file, called a policy reference file, to list the P3P policies in use at a site (or portion of a site), and what portions of the site and what cookies are covered by each policy... P3P policy reference files list the P3P policies which a site is currently using, and map out what parts of the site each one applies to. This mapping is done by giving a list of one or more URL patterns that each policy applies to. Each pattern is a local URL, and is allowed to contain wildcards. Thus a policy reference file might say that policy 'policy-1' applies to just /index.html, or to /content*, which means 'all URLs on this host that begin with /content'. Policy reference files use the <INCLUDE> element to indicate what URLs are covered by a specific policy." Principal document revisions: [1] Addition of a section describing restrictions in the use of the compact policy format. "In addition to the full XML privacy statements defined by P3P, P3P also defines a compact policy format. The compact policy summarizies the portion of the P3P policy which applies to the cookies in a response. The summary is sent in a simple, compact syntax. The compact policy is returned as an HTTP response header. This means that the client will have the compact policy available to it when it considers any cookies sent by the site. The use of compact policies is optional for Web sites; however, their use is strongly encouraged. Due to their location and simple syntax, compact policies can be quickly processed by clients, allowing them to make decisions on processing the cookies in that response. [2] An updated Appendix section A.3 'Microsoft Internet Information Server' which covers Microsoft Internet Information Server (IIS) on a Microsoft Windows 2000 Server platform; the P3P header can be added through the IIS snap-in from the Computer Management console (MMC) on a Microsoft Windows 2000 server. This section shows how to associated a web page with its P3P privacy policy. See also the W3C P3P specification and the list of P3P implementations.

  • [August 23, 2001] "P3P: Protector Of Consumers' Online Privacy." By Jason Levitt. In InformationWeek (August 20, 2001), pages 44-46. "While various security standards and technologies have emerged in recent years, few technological innovations have evolved to help protect the privacy of personal information. P3P, the Platform for Privacy Preferences, is perhaps the first technology that consumers will encounter, because it will be part of Microsoft's forthcoming Internet Explorer 6.0 browser. P3P is a World Wide Web Consortium standard designed to help users gain control over the use of their personal data. The standard is starting to appear on Web sites and in software products. The primary purpose of P3P is to turn the fine print of a Web site's privacy policy into something that users can understand. P3P should help consumers make informed decisions about whether to share their personal information with a Web site. To accomplish this goal, P3P must be deployed on both clients and servers. On the server side, Web sites must encode their privacy policies in a machine-readable XML language. Users who access the Web site using a P3P-compliant client, such as Internet Explorer 6.0, can review the sites' privacy policies and decide whether they want to divulge any personal information. While many E-commerce sites have online privacy policies, these policies are often written in legalese that's hard for users to understand. P3P's XML language will encourage sites to express their privacy policies with precision and specify exactly what they'll do with users' private information. For sites that want to deploy P3P, translating their current privacy practices into P3P's XML language will be a primary challenge. This can be tedious, because P3P requires exact answers for many privacy questions... Consultants such as PricewaterhouseCoopers have helped companies deploy privacy policies, and P3P generator tools such as IBM's P3P Editor and Microsoft's Privacy Wizard help translate natural-language privacy policies into P3P's XML privacy language... AT&T, IBM's Tivoli subsidiary, and NEC are other vendors that are committed to supporting P3P in various products and services. But many other software makers aren't yet committed to P3P. 'At the moment, we aren't sure whether P3P is the best solution,' says Live Leer, a PR manager for Opera Software AS, creators of the Opera Web browser. Similarly, P3P isn't in Netscape's version 6.1 browser, released last week, or America Online's software, which is used by 30 million people. With the release of Internet Explorer 6.0, it's certain that P3P will be on some user desktops this fall, but will it make a difference in users' online privacy experience? Ultimately, P3P will have little effect unless sites deploy it and there are sufficient privacy laws to back it up..." See W3C Privacy and P3P.

  • [August 23, 2001] "Microsoft Adopts P3P In Internet Explorer 6.0." By Jason Levitt. In InformationWeek (August 20, 2001), page 46. "Web-site operators and users may be in for a surprise when Microsoft's Internet Explorer 6.0 browser is released Oct. 25. That's because users may be confronted with privacy warnings displayed by the browser, and some Web sites may receive complaints from those users. The warnings are the result of Microsoft's implementation of the Platform for Privacy Preferences. P3P is a World Wide Web Consortium standard that lets Web sites display their privacy policies so that users can decide how much personal data they want to reveal to the site. For users, the default privacy settings in Internet Explorer 6.0 will block all third-party cookies. Cookies are bits of data that Web sites use to store information on a user's computer such as a logon name and password so users don't have to enter that data each time they visit the site. Cookies can also track users' behavior, such as the sites they visit and products they buy. Third-party cookies come from Web sites other than the site the user is browsing. Typically, ad banners are the most common source of third-party cookies. Internet Explorer 6.0 will display a warning dialog box and an icon in the browser status bar the first time a user encounters a non-P3P-compliant site that attempts to store third-party cookies on the user's machine... Some sites might use forms or other mechanisms to transmit personal data, says Lorrie Cranor, chair of the P3P specification working group at the World Wide Web Consortium and a researcher at AT&T Labs. That's why Cranor is working on an ActiveX Control for Internet Explorer that will offer more comprehensive P3P reporting than IE 6.0. The ActiveX Control will look at personal data sent via forms. Among other things, it will put an icon at the top of the browser window that will change to indicate whether a site is P3P-enabled and, if it is, whether or not it matches the user's preferences... For information about Microsoft's P3P initiatives, see the privacy wizard." See W3C Privacy and P3P.

  • [October 18, 2000] As part of the W3C's P3P Activity, the P3P Specification Working Group has released a new 'last call' working draft for the The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. Reference: W3C Working Draft 18-October-2000, edited by Massimo Marchiori (W3C/MIT/UNIVE). Description: "The Platform for Privacy Preferences Project (P3P) enables Web sites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. The P3P1.0 specification defines the syntax and semantics of P3P privacy policies, and the mechanisms for associating policies with Web resources. P3P policies consist of statements made using the P3P vocabulary for expressing privacy practices. P3P policies also reference elements of the P3P base data schema -- a standard set of data elements that all P3P user agents should be aware of. The P3P specification includes a mechanism for defining new data elements and data sets, and a simple mechanism that allows for extensions to the P3P vocabulary. P3P policies use an XML encoding of the P3P vocabulary to identify the legal entity making the representation of privacy practices in a policy, enumerate the types of data or data elements collected, and explain how the data will be used. In addition, policies identify the data recipients, and make a variety of other disclosures including information about dispute resolution, and the address of a site's human-readable privacy policy." Appendices 4 and 5 of the Working Draft provide the 'XML Schema Definition' and the 'XML DTD Definition'. Status: This Last Call Working Draft is submitted for review by W3C members and other interested parties; the last call review period ends 31 October 2000. "Following this Last Call period, the Working Group intends to submit this specification for publication as a Candidate Recommendation." [cache]

  • [October 27, 2000] "World Wide Web Consortium Holds Second P3P Interoperability Session. P3P Working Group Provides Day-Long Outreach Event in Silicon Valley." - "Over 30 leading technology and content companies, privacy advocates, and other organizations will gather on 2 November 2000 in Palo Alto, California, USA, to conduct public tests and demonstrate implementations of the Platform for Privacy Preferences Project (P3P), the World Wide Web Consortium's (W3C) Web privacy technology. The second in an ongoing outreach series, W3C's public 'interoperability session' provides an opportunity to unveil new prototypes, to test them with other P3P services, and to educate Web content and service providers about P3P. The event, hosted by Hewlett Packard, provides Silicon Valley companies the opportunity to meet P3P developers, see implementations, and get answers on how to make their sites P3P compliant. 'P3P is at its most effective when it is implemented by the largest possible number of sites. With its concentration of e-businesses in all imaginable sectors, Silicon Valley is a natural choice for P3P outreach efforts,' explained Daniel J. Weitzner, W3C's Technology and Society Domain Leader. 'Being at one of the world's centers for Web software development, we also have the opportunity for dialogue on ways to use the P3P platform to help a variety of new Web services become more responsive to user privacy needs.' Registration for the 2 November Interoperability event is open to the public. More details on this event, as well as reports on the June 23, 2000 Interoperability session are linked from the W3C P3P homepage. Web users want to know how the sites they visit use their personal information. Some companies have made efforts to publicly disclose the privacy policies of their Web sites, but the policies are often difficult to find and understand. Web users need to be able to know quickly and with confidence whether a company engages in information sharing practices that meet or conflict with their wishes. P3P enables anyone with a Web site to translate their privacy practices into XML-based P3P statements that can be retrieved automatically and easily interpreted by a P3P-enabled browser. P3P-enabled services will enhance user control by putting privacy policies where users can find them, presenting policies in a form that users can understand, and enabling users to make informed decisions based on those policies. For ecommerce services and other Web sites, P3P can e used to offer seamless browsing experiences for customers without leaving them guessing about privacy." See the P3P FAQ.

  • [September 15, 2000] As part of the W3C P3P Activity, the P3P Specification Working Group has issued a revised working draft for the The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. Reference: W3C Working Draft 15-September-2000, edited by (Massimo Marchiori (W3C/MIT/UNIVE); by [authors} Lorrie Cranor (AT&T), Marc Langheinrich (ETH Zurich), Massimo Marchiori (W3C/MIT/UNIVE), Martin Presler-Marshall (IBM), Joseph Reagle (W3C/MIT). "The Platform for Privacy Preferences Project (P3P) enables Web sites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents. P3P user agents will allow users to be informed of site practices (in both machine- and human-readable formats) and to automate decision-making based on these practices when appropriate. Thus users need not read the privacy policies at every site they visit. The P3P1.0 specification defines the syntax and semantics of P3P privacy policies, and the mechanisms for associating policies with Web resources. P3P policies consist of statements made using the P3P vocabulary for expressing privacy practices. P3P policies also reference elements of the P3P base data schema -- a standard set of data elements that all P3P user agents should be aware of. The P3P specification includes a mechanism for defining new data elements and data sets, and a simple mechanism that allows for extensions to the P3P vocabulary. P3P version 1.0 is a protocol designed to inform Web users of the data-collection practices of Web sites. It provides a way for a Web site to encode its data-collection and data-use practices in a machine-readable XML format known as a P3P policy. The P3P specification defines: (1) A standard schema for data a Web site may wish to collect, known as the 'P3P base data schema'; (2) A standard set of uses, recipients, data categories, and other privacy disclosures; (3) An XML format for expressing a privacy policy; (4) A means of associating privacy policies with Web pages or sites; (5) A mechanism for transporting P3P policies over HTTP. The goal of P3P version 1.0 is twofold. First, it allows Web sites to present their data-collection practices in a standardized, machine-readable, easy-to-locate manner. Second, it enables Web users to understand what data will be collected by sites they visit, how that data will be used, and what data/uses they may 'opt-out' of or 'opt-in' to." Contained also in separate files are (1) Appendix 4: XML Schema Definition (Normative) ['This appendix contains the XML Schema, both for P3P policy reference files, for P3P policy documents, and for P3P dataschema documents. An XML Schema may be used to validate the structure and datastruct values used in an instance of the schema given as an XML document. P3P policy and dataschema documents are XML documents that MUST conform to this schema'] and (2) Appendix 5: XML DTD Definition (Normative). [Cache: spec in HTML, XSD, DTD]

  • [May 11, 2000] W3C has released an updated version of the The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. References: W3C Working Draft 10-May-2000, edited by Massimo Marchiori (W3C/MIT). Abstract: "This is the specification of the Platform for Privacy Preferences (P3P). This document, along with its normative references, includes all the specification necessary for the implementation of interoperable P3P applications. [...] The P3P1.0 specification defines the syntax and semantics of P3P privacy policies, and the mechanisms for associating policies with Web resources. P3P policies consist of statements made using the P3P vocabulary for expressing privacy practices. P3P policies also reference elements of the P3P base data schema -- a standard set of data elements that all P3P user agents should be aware of. The P3P specification includes a mechanism for defining new data elements and data sets, and a simple mechanism that allows for extensions to the P3P vocabulary." The WD document "has been produced by the P3P Specification Working Group as part of the P3P Activity, and is the fourth revision of the last call draft issued the 2nd of November 02, 1999. A change log is included at the end of this document for convenience. This call addresses the comments received during the Last Call period, which ended April 30, 2000. A revised version of this specification is expected to advance toward W3C Recommendation status after two interoperable implementations have been demonstrated."

  • "Platform for Privacy Preferences (P3P) Syntax Specification." - Version 2.

  • [June 13, 2000] "The IBM P3P Editor provides an easy-to-use interface for creating and updating Web site privacy policies using the P3P language, a standard currently under development at the W3C. The IBM P3P Policy Editor is a visual tool for creating a Web site's privacy policy that can be interpreted by Web browsers and other user agents that support the P3P specification from the W3C. P3P (Platform for Privacy Preferences Project) offers a way for users to automate the acceptance or rejection of a Web site's requests for information, based on preferences users can set from their browsers or client devices. This provides assurance to users that their privacy is protected without having to read each Web site's privacy policy. Using P3P, an organization posts an XML-formatted privacy policy (machine-readable) on their Web site that describes their privacy practices, including the type of information collected, how the information is used, and who can get access to the information. The P3P specification for declaring the types of data collected at a site can become complicated, leaving Webmasters susceptible to errors and requiring a lot of time to develop and test. The P3P Policy Editor takes the complexity out of creating the machine-readable policy by hand. The editor includes standard data types and categories that you can quickly drop into your policy. The editor provides error-checking to help you locate elements missing from your policy that are required by the specification. The machine-readable policy is intended to be interpreted only by P3P-compliant user agents. However, these policies also include the location of a privacy policy that is intended to be read by people (human-readable). The P3P Policy Editor creates an HTML-formatted version of the policy that can be used as a base for your own human-readable policy. Or, you can use this version to ensure that your organization's machine-readable policy is consistent with the human-readable one. . ."

  • Platform for Privacy Preferences (P3P) Syntax Specification - Version 1
  • Press Release
  • DTDs
  • Testimonials


Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation

Primeton

XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI: http://xml.coverpages.org/p3p.html  —  Legal stuff
Robin Cover, Editor: robin@oasis-open.org