Presentation is loading. Please wait.

Presentation is loading. Please wait.

U.S. Department of Commerce Web Advisory Group Minding Your Own Business The Platform for Privacy Preferences Project.

Published byMaud Chandler Modified over 8 years ago

Similar presentations

Presentation on theme: "U.S. Department of Commerce Web Advisory Group Minding Your Own Business The Platform for Privacy Preferences Project."— Presentation transcript:

1

2 U.S. Department of Commerce Web Advisory Group http://www.osec.doc.gov/webresources/ Minding Your Own Business The Platform for Privacy Preferences Project

3 The E-Gov Requirements The Privacy Provisions of the E-Government Act of 2002 require both a “human readable” Privacy Policy and agency use of machine readable technology that alerts users automatically about whether site privacy practices match their personal privacy preferences.

4 Isn’t the Text Version Enough? Most users do not see the text privacy policy until after they have visited one or more of the site’s pages. Text privacy policies are sometimes difficult for users to locate, too lengthy for users to read, difficult to understand, and can change without notice.

5 Machine-Readable Policy P3P is the standard for machine-readable Privacy Policy. P3P enables web sites to translate their privacy practices into a standardized format (Extensible Markup Language - XML) that can be retrieved automatically and easily interpreted by a user's browser.

6 What Does P3P Address? Who is collecting data? What data is collected? For what purpose will data be used? Is there an ability to opt- in or opt-out of some data uses? Who are the data recipients (anyone beyond the data collector)? To what information does the data collector provide access? What is the data retention policy? How will disputes about the policy be resolved? Where is the human- readable Privacy Policy? What Does P3P Address?

7 What P3P Does Not Address P3P does not set minimum standards for privacy; nor can it monitor compliance with stated policy. –Certain types of “cookies” can be blocked based on type of cookie but not based on content of information in them. Implementation varies among browsers. –None go beyond cookies at this time.

8 How Does P3P Work?

9 How Users Are Notified Web Browser Alerts Web visitors who want to take advantage of P3P enabled sites have to set their personal privacy preferences in their web browser.

10 Browser Support Browser implementation of P3P is concerned with the issue of cookies When the browser encounters a cookie from a web page that either does not have a compact P3P policy, or that has a P3P policy that does not match the user’s privacy preferences, the user is alerted via icons. Browsers supporting Compact P3P Policy: –Netscape 7 –Mozilla –Internet Explorer 6 –AT&T Privacy Bird (Plug-in for Internet Explorer)

11 Cookies Cookies are information stored by a server on a visitor’s computer during their first visit to the site and used on subsequent visits to the site. This may be information obtained without asking (e.g., viewing habits), or information provided by the user (name, preferences). The server records this information in a text file and stores this file on the visitor's hard drive. What do your cookies say about you? Search your computer for the cookie files – You might be surprised.

12 Example of Cookies # Netscape HTTP Cookie File # http://www.netscape.com/newsref/std/cookie_spec.html # This is a generated file! Do not edit. home.frontiernet.netFALSE/FALSE1089259125regionid1 home.frontiernet.netFALSE/FALSE1089259125stateabbWV home.frontiernet.netFALSE/FALSE1089259125npa304 home.frontiernet.netFALSE/FALSE1089259125cityCharles+Town.mp3.comTRUE/FALSE1293839999RMID8c5a18333f09c160.2o7.netTRUE/FALSE1234755376s_vi_bzbx7Bmfehkf[CS]v4|3F09DC8800001DFF- A000A4A00000001|4032DDB1[CE].2o7.netTRUE/FALSE1234755376s_vi_nvnwhg[CS]v4|3F09DC8800001DFF- A000A4A00000001|4032DDB1[CE].2o7.netTRUE/FALSE1220907114s_vi_cx7Bczccdfx60x7Fl[CS]v3|3F09DC8800001DFF- A000A4A00000001|3F5F8EC2|3F09DC88|3F5F8EC3|3F5F8EFE|2|4|0|0||ltx0AGKIx04cEPASEx5Dx1Ex04lKIAx04EJx40x04lKI Ax04kBBMGA|ltx0AGKIx04cEPASEx5Dx1Ex04lKIAx04EJx40x04lKIAx04kBBMGA||||[CE].2o7.netTRUE/FALSE1220907114s_sv_cx7Bczccdfx60x7Fl[CS]v2|3F5F8EFE|[CE].2o7.netTRUE/FALSE1234755376s_vi_cx7Bczxxfifx60x7Fl[CS]v4|3F09DC9B00003CC3- A000A4F00000001|4032DDB1[CE] www.tigerdirect.comFALSE/FALSE1089172972MyEmailmyname%40domain%2Enet.bizrate.comTRUE/FALSE1373027937br105766790547740314.bizrate.comTRUE/FALSE1373027937eval105766790547766748.bizrate.comTRUE/FALSE1373027937survey23939_2003_Jul_8 These cookies contain personal information such as the city and state (Charles Town WV), area code (304), and even e-mail address (myname%40domain%2Enet or myname@domain.net)

13 Location of Cookie Files In Internet Explorer cookie files are in the “cookies” folder: –C:\Documents and Settings\user\Cookies How to Delete Cookies From Internet Explorer -Link to Microsoft Knowledge Base In Netscape cookies are stored in a file named “cookie.txt”

14 How Cookies and Browsers Interact By default, browsers allow the use of cookies. You can change your privacy settings so that your browser –Will ask you before placing a cookies on your computer, or –Will prevent the browser from accepting any cookies, or –Will handle First- and Third- Party cookies differently You can specify how you want to handle cookies from individual web sites or all web sites

15 Persistent Cookie stored on your computer remains there when you close your browser can be read by the web site that created it when you visit that site again.

16 Temporary or Session Cookie stored on your computer retained only for your current browsing session deleted from your computer when you close your web browser.

17 Unsatisfactory Cookie might allow access to personally identifiable information information could be used for a secondary purpose without your consent.

18 First-Party Cookie either originates on or is sent to the web site you are currently viewing commonly used to store information such as your preferences, for use when you re-visit the site

19 Third-Party Cookie either originates on or is sent to a web site different from the one you are currently viewing commonly used to track your web page use for advertising or other marketing purposes –Example: site xyz.com uses content from site 123.com. Site 123.com uses a cookies to track web page views and use by visitors to xyz.com

20 Setting Netscape 7 Preferences

21 Netscape 7 Notification A warning appears when the browser encounters a cookie that either does not have a compact P3P policy or has a P3P policy that does not match the browser preferences Netscape 7 Notification

22 Setting Mozilla Preferences

23 Setting IE 6 Preferences

24 IE6 Notification A warning appears when the browser encounters a cookie that either does not have a compact P3P policy or has a P3P policy that does not match the browser preferences IE6 Notification

25 IE 6 Privacy Reports

26 AT&T Privacy Bird AT&T Privacy Bird A free plug-in for Internet Explorer 6 Green BirdYellow BirdRed BirdAudible Notifications:

27

Download ppt "U.S. Department of Commerce Web Advisory Group Minding Your Own Business The Platform for Privacy Preferences Project."

Similar presentations

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
U.S. Department of Commerce Web Advisory Group Implementing Machine Readable Privacy Requirements of the E-Gov Act.

U.S. Department of Commerce Web Advisory Group Implementing Machine Readable Privacy Requirements of the E-Gov Act.
P3P Implementation Tips : Observations for approaching Design, Build and Deploy PricewaterhouseCoopers Brendon Lynch.

P3P Implementation Tips : Observations for approaching Design, Build and Deploy PricewaterhouseCoopers Brendon Lynch.
Copyright 2004 Monash University IMS5401 Web-based Systems Development Topic 2: Elements of the Web (g) Interactivity.

Copyright 2004 Monash University IMS5401 Web-based Systems Development Topic 2: Elements of the Web (g) Interactivity.
CC3.12 Lecture 12 Erdal KOSE Based of Prof. Ziegler Lectures.

CC3.12 Lecture 12 Erdal KOSE Based of Prof. Ziegler Lectures.
6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?

6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?
XP Browser and E-mail Basics1. XP Browser and E-mail Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.

XP Browser and Basics1. XP Browser and Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.
Privacy and Security on the Web Part 1. Agenda Questions? Stories? Questions? Stories? IRB: I will review and hopefully send tomorrow. IRB: I will review.

Privacy and Security on the Web Part 1. Agenda Questions? Stories? Questions? Stories? IRB: I will review and hopefully send tomorrow. IRB: I will review.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.
Internet – Part II. What is the World Wide Web? The World Wide Web is a collection of host machines, which deliver documents, graphics and multi-media.

Internet – Part II. What is the World Wide Web? The World Wide Web is a collection of host machines, which deliver documents, graphics and multi-media.
XP Tutorial 9 New Perspectives on JavaScript, Comprehensive1 Working with Cookies Managing Data in a Web Site Using JavaScript Cookies.

XP Tutorial 9 New Perspectives on JavaScript, Comprehensive1 Working with Cookies Managing Data in a Web Site Using JavaScript Cookies.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
CMU Usable Privacy and Security Laboratory Power Strips, Prophylactics, and Privacy, Oh My! Julia Gideon, Serge Egelman, Lorrie.

CMU Usable Privacy and Security Laboratory Power Strips, Prophylactics, and Privacy, Oh My! Julia Gideon, Serge Egelman, Lorrie.
Browser and E-mail Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.

Browser and Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.

Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.

11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
By: Mr Hashem Alaidaros MKT 445 Lecture 3 Title: Affiliate Marketing.

By: Mr Hashem Alaidaros MKT 445 Lecture 3 Title: Affiliate Marketing.
Automated Tracking of Online Service Policies J. Trent Adams 1 Kevin Bauer 2 Asa Hardcastle 3 Dirk Grunwald 2 Douglas Sicker 2 1 The Internet Society 2.

Automated Tracking of Online Service Policies J. Trent Adams 1 Kevin Bauer 2 Asa Hardcastle 3 Dirk Grunwald 2 Douglas Sicker 2 1 The Internet Society 2.
Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech Privacy Preferences Edgardo Vega Usable Security – CS 6204 – Fall, 2009 – Dennis.

Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech Privacy Preferences Edgardo Vega Usable Security – CS 6204 – Fall, 2009 – Dennis.
1 Introduction to Web Development. Web Basics The Web consists of computers on the Internet connected to each other in a specific way Used in all levels.

1 Introduction to Web Development. Web Basics The Web consists of computers on the Internet connected to each other in a specific way Used in all levels.

Similar presentations

Ads by Google