
P3P

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by GeertW (talk | contribs) at 08:49, 28 September 2007 (+'Project'). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The Platform for Privacy Preferences Project, or P3P, is a protocol allowing websites to declare their intended use of information they collect about browsing users. Designed to give users more control of their personal information when browsing, P3P was developed by the World Wide Web Consortium (W3C) and officially recommended on April 16, 2002.

Purpose

As the World Wide Web became a genuine medium in which to sell products and services, electronic commerce websites tried to collect more information about the people who purchased their merchandise. Some companies used controversial practices such as tracker cookies to ascertain the users' demographic information and buying habits, using this information to provide specifically targeted advertisements. Users who saw this as an invasion of privacy would sometimes turn off HTTP cookies or use proxy servers to keep their personal information secure. P3P is designed to give users more precise control over the kind of information they allow to be released.

A P3P-compliant website declares the kind of information it collects and its intended use as a privacy policy. A P3P-enabled web browser can decide what to do by comparing this policy with the user's stored preferences. Alternatively, the browser can show the user a readable version of the policy and ask them how to proceed. As an example, a user may store in the browser preferences that information about their browsing habits should not be collected. If the policy of a website states that a cookie is used for this purpose, the browser automatically rejects the cookie.

The main content of a privacy policy is the following:

  • which information the server stores:
    • which kind of information is collected (identifying or not);
    • which particular information is collected (IP number, email address, name, etc.);
  • use of the collected information:
    • how this information is used (for regular navigation, tracking, personalization, telemarketing, etc.);
    • who will receive this information (only the current company, third party, etc.);
  • permanence and visibility:
    • how long information is stored;
    • whether and how the user can access the stored information (read-only, opt-in, opt-out).

The privacy policy can be retrieved as an XML file or can be included, in compact form, in the HTTP header. The location of the XML policy file that applies to a given document can be:

  1. specified in the HTTP header of the document
  2. specified in the HTML head of the document
  3. if none of the above is specified, the well-known location /w3c/p3p.xml is used (for a similar location compare /favicon.ico)

P3P allows a max-age to be specified for caching. A dummy /w3c/p3p.xml file could use this feature:

<META xmlns="http://www.w3.org/2002/01/P3Pv1">
  <POLICY-REFERENCES>
    <EXPIRY max-age="10000000"/><!-- about four months -->
  </POLICY-REFERENCES>
</META>
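
The three-step lookup order and the EXPIRY element above, as an added example that is not part of the article or of any browser's P3P implementation. It assumes the P3P 1.0 syntax for steps 1 and 2 (a `policyref` parameter in the `P3P` HTTP header and a `<link rel="P3Pv1">` element), which the article does not spell out; the page URL and paths are constructed.

```python
import re
import xml.etree.ElementTree as ET
from html.parser import HTMLParser
from urllib.parse import urljoin

P3P_NS = "http://www.w3.org/2002/01/P3Pv1"
# The dummy reference file shown in the article, reused as sample input.
SAMPLE_REF = """<META xmlns="http://www.w3.org/2002/01/P3Pv1">
  <POLICY-REFERENCES><EXPIRY max-age="10000000"/></POLICY-REFERENCES>
</META>"""

class _LinkFinder(HTMLParser):
    """Remembers the href of the first <link rel="P3Pv1"> element."""
    href = None
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "link" and self.href is None and (a.get("rel") or "").lower() == "p3pv1":
            self.href = a.get("href")

def locate_policy_ref(page_url, headers, html):
    """Return (source, absolute URL) of the policy reference file."""
    for name, value in headers.items():          # 1. HTTP header
        m = re.search(r'policyref\s*=\s*"([^"]+)"', value, re.I)
        if name.lower() == "p3p" and m:
            return "http-header", urljoin(page_url, m.group(1))
    finder = _LinkFinder()                       # 2. HTML head
    finder.feed(html)
    if finder.href:
        return "html-link", urljoin(page_url, finder.href)
    return "well-known", urljoin(page_url, "/w3c/p3p.xml")  # 3. fallback

def expiry_max_age(reference_xml):
    """Return the EXPIRY max-age in seconds, or None if not declared."""
    # Defensive choice for fetched files: refuse DTDs so that entity
    # declarations in a remote document are never expanded.
    if "<!DOCTYPE" in reference_xml.upper():
        raise ValueError("DTD not accepted in a policy reference file")
    root = ET.fromstring(reference_xml)
    node = root.find(f"{{{P3P_NS}}}POLICY-REFERENCES/{{{P3P_NS}}}EXPIRY")
    if node is None or node.get("max-age") is None:
        return None
    return int(node.get("max-age"))

if __name__ == "__main__":
    page = "https://shop.example/cart"           # constructed URL
    print(locate_policy_ref(page, {"P3P": 'policyref="/privacy/ref.xml"'}, ""))
    print(locate_policy_ref(page, {}, '<head><link rel="P3Pv1" href="/p/ref.xml"></head>'))
    print(locate_policy_ref(page, {}, "<head></head>"))
    print(expiry_max_age(SAMPLE_REF), "seconds")
```
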

P3P User Agents

Yahoo!'s P3P policy as viewed in Internet Explorer 6.

Microsoft Internet Explorer provides the ability to display P3P privacy policies, and compare the P3P policy with your own settings to decide whether or not to allow cookies from a particular site. However, the P3P functionality in Internet Explorer extends only to cookie blocking, and will not alert you to an entire web site that violates your privacy preferences. Users who wish to use a full P3P user agent should use the AT&T Privacy Bird, which is now maintained by Carnegie Mellon's Usable Privacy and Security Laboratory.

The Privacy Finder service was also created by Carnegie Mellon's Usable Privacy and Security Laboratory. It is a publicly available "P3P-enabled search engine." A user can enter a search term along with their stated privacy preferences, and is then presented with a list of search results which are ordered based on whether the sites comply with their preferences. This works by crawling the web and maintaining a P3P cache for every site that ever appears in a search query. The cache is updated every 24 hours so that every policy is guaranteed to be up to date. The service also allows users to quickly determine why a site does not comply with their preferences, as well as allowing them to view a dynamically generated natural language privacy policy based on the P3P data. This is advantageous over simply reading the original natural language privacy policy on a web site because many privacy policies are written in legalese and are extremely convoluted. Additionally, in this case the user does not have to visit the web site to read its privacy policy.

Criticisms

The Electronic Privacy Information Center (EPIC) has been critical of P3P and believes it will make it too difficult to protect a user's privacy [1]. P3P relies on each individual website to be honest in its policy files, as P3P-enabled browsers cannot test whether the site's privacy policy actually functions as advertised. However, any privacy policy displayed on a web site is subject to this problem.

As people become comfortable with P3P, it may limit the perceived need for related privacy legislation.

Michael Kaply from IBM is reported to have said the following when the Mozilla Foundation was considering removing P3P support from its browser line [2]:

Ah the memories.

We (IBM) wrote the original P3P implementation and then Netscape proceeded to write their own. So both our companies wasted immense amounts of time that everyone thought was a crappy proposal to begin with.

Remove it.

Live Leer, a PR manager for Opera Software, explains the deliberate lack of P3P support in their browser [3]:

At the moment, we aren't sure whether P3P is the best solution. P3P is among the specifications we are considering for support in the future. There have been some issues with how well P3P will protect privacy, and for that reason we have decided to wait until these are resolved.

See also