P3P: User Empowerment Tools for Web Privacy Daniel J. Weitzner World Wide Web Consortium 23 April 2001 National Association of Attorneys General.

Slides:



Advertisements
Similar presentations
Privacy on the WEB Privacy on the WEB Group 0227 Efrain Castro, Dinesh Parmer, Michael Raiford Robert Reich, Kim Walker, Claudia Worme.
Advertisements

ELTSS Alignment to Nationwide Interoperability Roadmap DRAFT: For Stakeholder Consideration in response to public comment.
U.S. Department of Commerce Web Advisory Group Implementing Machine Readable Privacy Requirements of the E-Gov Act.
Gregg McGilvray Chief Technical Strategist election.com.
Week 6 Lecture Part 2 Databases in Electronic Commerce Samuel Conn, Asst. Professor.
Chapters 14 & 15 Internet Databases. E-Commerce  Bringing new products, services, or ideas to market, supporting and enhancing business operations 
P3P Outreach Project Joshua Freed
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
The Internet industry’s privacy seal program Silicon Valley Web Guild.
Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research
The Platform for Privacy Preferences Project (P3P) Lorrie Faith Cranor AT&T Labs-Research P3P Interest Group Co-Chair October 1998.
Internet Privacy Policies Presented by: Paul Frenken President, COLAIP.
Presentation By: Lindsay McCollum Jenna Larsen Joe Soukup.
Personalization vs. Privacy Invasion © 2001 Ann Schlosser, University of Washington Business School.
ITEC810 Project By: P. M. Mathindri Nilushika Pathiraja 1.
P3P: Platform for Privacy Preferences Charlin Lu Sensitive Information in a Wired World November 11, 2003.
Lindsey Armstrong Debbie Lewis Seth Steiling. What do they do? International consortium International consortium Develop web standards through recommendations.
Web Privacy Topics Andy Zeigler Senior Program Manager, Internet Explorer Microsoft.
CMU Usable Privacy and Security Laboratory Power Strips, Prophylactics, and Privacy, Oh My! Julia Gideon, Serge Egelman, Lorrie.
1st Project Introduction to HTML.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
Chapter ONE Introduction to HTML.
Lorrie Faith Cranor AT&T Labs-Research Online Privacy What are People So Concerned About and What is Being Done About it?
Automated Tracking of Online Service Policies J. Trent Adams 1 Kevin Bauer 2 Asa Hardcastle 3 Dirk Grunwald 2 Douglas Sicker 2 1 The Internet Society 2.
Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech Privacy Preferences Edgardo Vega Usable Security – CS 6204 – Fall, 2009 – Dennis.
11-01: Get Started with SCP Supply Chain Platform Training Presentation Updated April 2009.
Web Standards Coding Benefits of Web Standards Coding – Variety of user agents Same marked up content can be read by browser, smartphones, screen readers.
What is E-Commerce? Section 8.1. What is E-commerce? E-commerce is the exchange of goods, services, information, or other businesses through electronic.
W3C and the EU Digital Single Market Daniel Dardailler Director of International Relations Brussels - OFE Workshop June 30th 2015.
BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
P3P A New Standard in Online Privacy Overview and Demos from Summer 2000.
INTERNET PRIVACY Marketing companies The cookie leak security hole in the HTML messages The Web Bug Can we trust the privacy.
1 Summary of Intel’s P3P Implementation James M. White Consumer e-Commerce Program Manager Intel Corporation.
CS117 Introduction to Computer Science II Lecture 1 Introduction to WWW and HTML Instructor: Li Ma Office: NBC 126 Phone: (713)
Team Members ? ? Chintan Goswami Nirav Tank Project Guide ? ? Mrs. Darshana H. Patel [Internal] Mr. Manish I. Vora [External]
Privacy, P3P and Internet Explorer 6 P3P Briefing – 11/16/01.
The Future of P3P Ari Schwartz Center for Democracy and Technology Lorrie Faith Cranor AT&T Labs-Research November 2002.
Digital Publishing W3C and Digital Publishing Jeff Jaffe, W3C CEO Standards Panel 28 May 2015.
WSDL Tutorial Ching-Long Yeh 葉慶隆 Department of Computer Science and Engineering Tatung University
How P3P Works Lorrie Faith Cranor P3P Specification Working Group Chair AT&T Labs-Research 4 February 2002
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
INDUSTRY COMMITMENT TO INNOVATION IN NOTICE AND CHOICE AAAA, ANA, CBBB, DMA, IAB Convene Task-Force (April 2008) Coalition begins drafting industry principles.
1 Personalization and Trust Personalization Mass Customization One-to-One Marketing Structure content & navigation to meet the needs of individual users.
Business-to-Business Authors: Authors: Mladenka Jakovljevic, Prof. Dr. Veljko Milutinovic,
Location, Location, Location: The Emerging Crisis in Wireless Data Privacy Ari Schwartz & Alan Davidson Center for Democracy and Technology
Web Design (1) Terminology. Coding ‘languages’ (1) HTML - Hypertext Markup Language - describes the content of a web page CSS - Cascading Style Sheets.
G:\99Q3\9220\PD\AJD2.PPT 1 Harriet P. Pearson Chief Privacy Officer IBM February 7, 2003 IBM.
U.S. Department of Commerce Web Advisory Group Minding Your Own Business The Platform for Privacy Preferences Project.
Cooperation & Competition in building the Web, « the universe of network-accessible information » Jean-François Abramatic Chief Product Officer ILOG.
State of e-Authentication in Higher Education August 20, 2004.
Security Checklists for IT Products. Agenda Overview of Checklist Program Discussion of Operational Procedures Current Status Next Steps.
By Sanjay Chand.  What is a web server?  A web server is a program that, uses the client/server model and the World Wide Web’s HTTP.  My recommendation.
1 Platform for Privacy Preferences and RBC Financial Group Della Shea Manager Enterprise Web Compliance RBC Financial Group P3P Implementation Workshop.
The Platform for Privacy Preferences (P3P) Workshop on the Relationship between Privacy and Security Lorrie Faith Cranor P3P Specification Working Group.
CHAPTER 7 THE INTERNET AND INTRANETS 1/11. What is the Internet? 2/11 Large computer network ARPANET (Dept of Defense) It is international and growing.
XML and E-Commerce What is XML? XML means “Extensible Markup Language” extensible - not fixed format like HTML Enables you to define your own customized.
Comprehensive Project Management Solutions with the.NET Server family.
Web Design Terminology Unit 2 STEM. 1. Accessibility – a web page or site that address the users limitations or disabilities 2. Active server page (ASP)
CMPE 494 Service-Oriented Architectures and Web Services Platform for Privacy Preferences Project (P3P) İDRİS YILDIZ
Windows Vista Configuration MCTS : Internet Explorer 7.0.
HTML PROJECT #1 Project 1 Introduction to HTML. HTML Project 1: Introduction to HTML 2 Project Objectives 1.Describe the Internet and its associated key.
Security Checklists for IT Products
How P3P Works Lorrie Faith Cranor P3P Specification Working Group Chair AT&T Labs-Research 4 February
Microsoft, DoubleClick, and Others: Evaluating Privacy Challenges and Solutions Chapter 11 Case 4.
瞿裕忠(Yuzhong Qu) Nanjing University
The World Wide Web Needs Worldwide Standards
Procedure for adding a Trusted Site
The Platform for Privacy Preferences Project
Presentation transcript:

P3P: User Empowerment Tools for Web Privacy Daniel J. Weitzner World Wide Web Consortium 23 April 2001 National Association of Attorneys General

Overview: Approaching Web Privacy Unique Web Privacy Challenges Web Community Response: P3P P3P: Necessary but not sufficient Conclusion: Empowering users to address privacy problems

Loss of Control: The Unique Web Privacy Challenge Intel Pentium ID Windows Registry ID Doubleclick ID matching

P3P: W3C's Platform for Privacy Preference The Goal of P3P -- Meet Increasing User Privacy Demands Use the power of the Web to enhance notice enable choice Streamline ecommerce transactions Framework for global privacy

About the W3C Mission: realize the full potential of the Web Product: Technical standards and guidelines HTML, XML, Style Sheets Founded in 1994 by Tim Berners-Lee Global Reach: MIT, INRIA (France), Keio University(Japan), Offices 500+ members from industry, research, non- profit, user communities

P3P Functional Overview Notice: Easy access to the service's privacy practices through standard privacy vocabulary (in XML) Choice: machine-assisted policy guidance comparing user preferences with site practices Assurance: Reference to assuring organizations – government, self-regulatory body

P3P In Operation User Service Privacy Preferences Personal profile Privacy Policy Notice Choice Personal Data Customer Information

P3P Status at W3C and in the market P3P is W3C Candidate Recommendation (Draft Standard) Active participation from vendor & user communities - financial services, data warehousing, mobile communications Implementation Commitments: support from 25 companies; 8 companies with implementation plans

P3P Implementations Web Sites Web Software Browsers: AOL/Netscape, Microsoft Servers: IBM Browser plug-ins: IDCide, YouPowered Data mining/CRM: NCR

P3P enabled web sites And many more….

P3P Implementations IDcide Privacy Companion IBM P3P Policy Editor Create privacy policies in P3P and human-readable format Available from IBM AlphaWorks site: peditor peditor Microsoft Internet Explorer v6 – P3P for cookie control

Double clicking on the P3P icon indicates where the site’s policy differs from the user’s preferences

Searching for a P3P policy No P3P policy found P3P policy is NOT acceptable P3P policy is acceptable IDcide P3P Icons

Sites can list the types of data they collect And view the corresponding P3P policy

P3P: Necessary but not Sufficient  Necessary…  Statutes/regulations cannot make all choices or anticipate new relationships  Statutes/regulations should not make all choices  Lots of choices – machines can help  The Web is trans-jurisdictional

P3P: Necessary but not Sufficient ..but not sufficient  2 or 4 FTC Fair Information Practices  Notice  Choice  Security  Enforcement  2 of 8 OECD FIPS  Procedural Rights: notice, enforcement  Minimum standards for sensitive information: financial, medical, …

P3P & the Law  Law alone won’t suffice  Build user trust through privacy empowerment tools  Combined effort by vendors & web services needed

Next Steps for P3P  Deployment in major browsers  Target Top 100 Web Sites  No blinking VCRs on the Web – Consumer Education More information:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.