The Future of P3P
Ari Schwartz, Center for Democracy and Technology
Lorrie Faith Cranor, AT&T Labs-Research
http://lorrie.cranor.org/
November 2002

Privacy policies
Policies let consumers know about site’s privacy practices
Consumers can then decide whether or not practices are acceptable, when to opt-in or opt-out, and who to do business with
The presence of privacy policies increases consumer trust

Privacy policy problems
BUT policies are often
    difficult to understand
    hard to find
    take a long time to read
    change without notice

Platform for Privacy Preferences Project (P3P)
Developed by the World Wide Web Consortium (W3C) http://www.w3.org/p3p/
    Final P3P1.0 Recommendation issued 16 April 2002
Offers an easy way for web sites to communicate about their privacy policies in a standard machine-readable format
    Can be deployed using existing web servers
Enables the development of tools (built into browsers or separate applications) that
    Summarize privacy policies
    Compare policies with user preferences
    Alert and advise users

P3P is part of the solution
P3P1.0 helps users understand privacy policies but is not a complete solution
Seal programs and regulations help ensure that sites comply with their policies
Anonymity tools reduce the amount of information revealed while browsing
Encryption tools secure data in transit and storage
Laws and codes of practice provide a base line level for acceptable policies

Basic components
P3P provides a standard XML format that web sites use to encode their privacy policies
Sites also provide XML “policy reference files” to indicate which policy applies to which part of the site
Sites can optionally provide a “compact policy” by configuring their servers to issue a special P3P header when cookies are set
No special server software required
User software to read P3P policies called a “P3P user agent”

P3P increases transparency
P3P clients can check a privacy policy each time it changes
P3P clients can check privacy policies on all objects in a web page, including ads and invisible images
http://adforce.imgis.com/?adlink|2|68523|1|146|ADFORCE
http://www.att.com/accessatt/

P3P in IE6
Privacy icon on status bar indicates that a cookie has been blocked – pop-up appears the first time the privacy icon appears
Automatic processing of compact policies only; third-party cookies without compact policies blocked by default
Users can click on privacy icon for list of cookies; privacy summaries are available at sites that are P3P-enabled

P3P in Netscape 7
Preview version similar to IE6, focusing on cookies; cookies without compact policies (both first-party and third-party) are “flagged” rather than blocked by default
Indicates flagged cookie

AT&T Privacy Bird
Free download of beta from http://privacybird.com/
“Browser helper object” for IE 5.01/5.5/6.0
Reads P3P policies at all P3P-enabled sites automatically
Puts bird icon at top of browser window that changes to indicate whether site matches user’s privacy preferences
Clicking on bird icon gives more information
Current version is information only – no cookie blocking

Why web sites adopt P3P
Demonstrate corporate leadership on privacy issues
    Show customers they respect their privacy
    Demonstrate to regulators that industry is taking voluntary steps to address consumer privacy concerns
Distinguish brand as privacy friendly
Prevent IE6 from blocking their cookies
Anticipation that consumers will soon come to expect P3P on all web sites
Individuals who run sites value personal privacy

P3P Early Adopters
News and information sites – CNET, About.com
Search engines – Yahoo, Lycos
Ad networks – DoubleClick, Avenue A
Telecom companies – AT&T
Financial institutions – Fidelity
Computer hardware and software vendors – IBM, Dell, Microsoft, McAfee
Retail stores – Fortunoff, Ritz Camera
Government agencies – FTC, Dept. of Commerce, Ontario Information and Privacy Commissioner
Non-profits - CDT

P3P deployment overview
1. Create a privacy policy
2. Analyze the use of cookies and third-party content on your site
3. Determine whether you want to have one P3P policy for your entire site or different P3P policies for different parts of your site
4. Create a P3P policy (or policies) for your site
5. Create a policy reference file for your site
6. Configure your server for P3P
7. Test your site to make sure it is properly P3P enabled

What’s in a P3P policy?
Name and contact information for site
The kind of access provided
Mechanisms for resolving privacy disputes
The kinds of data collected
How collected data is used, and whether individuals can opt-in or opt-out of any of these uses
Whether/when data may be shared and whether there is opt-in or opt-out
Data retention policy

Generating P3P files
Edit by hand
    Cut and paste from an example
    Make sure you use P3P validator to check for errors http://www.w3.org/P3P/validator/
Use a P3P policy generator
    Recommended: IBM P3P policy editor http://www.alphaworks.ibm.com/tech/p3peditor
Get a book
    Web Privacy with P3P http://p3pbook.com/

Compact policies
Provide very short summary of full P3P policy for cookies
Not required
Must be used in addition to full policy
May only be used with cookies
Must commit to following policy for lifetime of cookies
May oversimplify site’s policy
IE6 relies heavily on compact policies for cookie filtering – especially an issue for third-party cookies
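
Added example (not part of the original slides): a Python sketch that reads the compact policy from a P3P response header and applies the default cookie handling the slides describe for IE6 and Netscape 7. The sample headers, token values, function names and the "evaluate" / "not-covered" labels are constructed for illustration.

```python
import re

# CP="..." field of a P3P response header, e.g.
#   P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID"
_CP_FIELD = re.compile(r'\bCP\s*=\s*"([^"]*)"', re.IGNORECASE)

# Constructed sample responses (header name, value); not captured traffic.
WITH_CP = [("Set-Cookie", "id=abc123; path=/"),
           ("P3P", 'policyref="/w3c/p3p.xml", CP="NOI DSP COR NID"')]
NO_CP = [("Set-Cookie", "id=abc123; path=/"),
         ("P3P", 'policyref="/w3c/p3p.xml"')]  # full policy only, no CP


def compact_policy_tokens(headers):
    """Return the compact-policy tokens, or [] if no compact policy is sent.

    Assumption of this sketch: an empty CP="" counts as no compact policy.
    """
    for name, value in headers:
        if name.strip().lower() == "p3p":
            match = _CP_FIELD.search(value)
            if match:
                return match.group(1).split()
    return []


def default_cookie_action(headers, third_party, agent):
    """Default handling the slides describe for agent "ie6" or "netscape7".

    Checks only whether a compact policy is present; matching its tokens
    against user preferences is the user agent's next step ("evaluate").
    """
    if agent not in ("ie6", "netscape7"):
        raise ValueError(f"unknown agent: {agent}")
    if not any(n.strip().lower() == "set-cookie" for n, _ in headers):
        return "no-cookie"
    if compact_policy_tokens(headers):
        return "evaluate"
    if agent == "netscape7":
        return "flag"      # first-party and third-party alike
    # IE6: only the third-party case is stated on the slides.
    return "block" if third_party else "not-covered"


if __name__ == "__main__":
    for label, resp in (("with CP", WITH_CP), ("no CP", NO_CP)):
        for agent in ("ie6", "netscape7"):
            print(label, agent, default_cookie_action(resp, True, agent))
```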

Impacts
Somewhat early to evaluate P3P
Some companies that P3P-enable think about privacy in new ways and change their practices
    Systematic assessment of privacy practices
    Concrete disclosures – less wiggle room
    Disclosures about areas previously not discussed in privacy policy
Hopefully we will see greater transparency, more informed consumers, and ultimately better privacy policies

Resources
For further information on P3P see:
    http://www.w3.org/P3P/
    http://p3ptoolbox.org/
    http://p3pbook.com/

Workshop
W3C will hold workshop November 12-13, 2002 to discuss future of P3P
Workshop seeks to identify areas for future work
    P3P 1.1
    P3P 2.0
    Related standards or guidelines
    Coordination with other organizations

User agent guidelines and conformance
P3P spec places minimal requirements on user agents
User agents have taken different approaches to cookie blocking rules, displaying policy summaries, etc.
Potential exists that user agents may misrepresent site policies
User agent certification, guidelines, best practices, etc. might help

Vocabulary issues
Are there privacy practices that cannot be described adequately by the P3P vocabulary?

Compact policies, cookies, and performance
Compact policies added to spec to improve performance and make cookie-blocking decisions faster
Compact policies oversimplify, causing problems for some web sites
Cookie policies are complicated by the requirement that they cover any data linked via cookies, and the broad scope of many cookies

Identity management and negotiation
Relationship between P3P and identity management systems
Consent mechanisms
Negotiation

Mobile devices and location privacy
How do you provide adequate notice on small devices?
How do you configure preferences on small devices?
Are extensions to P3P needed to address location privacy issues?