Legal localization of P3P as a requirement for its privacy enhancing effect 1 W3C Workshop on the long term Future of P3P and Enterprise Privacy Languages (Kiel, ) Legal localization of P3P as a requirement for its privacy enhancing effect Jan Möller Independent Centre for Privacy Protection (ICPP) P3P Project

Legal localization of P3P as a requirement for its privacy enhancing effect 2 P3P and legal privacy standards Website Provider Internet Surfer W3C P3P Specification Laws or Agreements P3P Policy Legal privacy standards Sets minimum privacy standard Set Recommends Provides Reflects Bind Defines technical requirements Controls / Enforces Protect Informs

Legal localization of P3P as a requirement for its privacy enhancing effect 3 Binding effect of legal privacy standard included in the P3P Specification Website Provider Internet Surfer offers P3P by referencing a P3P Policy P3P Specification offering P3P = promise to apply includes Minimum legal privacy standard Website provider‘s P3P offer commits himself to minimum privacy standard

Legal localization of P3P as a requirement for its privacy enhancing effect 4 What is legal localization? Legal localization of P3P = adaption of P3P privacy policy (and the described data processing!) and privacy preferences of P3P agents to the legal privacy standards the parties are bound to or protected by.

Legal localization of P3P as a requirement for its privacy enhancing effect 5 Legal localization of P3P - why? Website Provider’s perspective Website Provider are bound to legal privacy standards. Incorporating these standards is an obligation by law. Showing non-compliance with the law may deter users and may attract supervising authorities.

Legal localization of P3P as a requirement for its privacy enhancing effect 6 Legal localization of P3P - why? Internet surfer’s perspective Internet surfers are used to their local legal privacy standard. Legally localized P3P preferences include this known standard as a reference. The website’s data processing practices can be compared with this reference. P3P agents can signal illegal data processing practices if user and website’s P3P Policy are configured according to the same legal privacy standard.

Legal localization of P3P as a requirement for its privacy enhancing effect 7 Legal localization of P3P - why? General reasons Combining P3P with higher legal privacy standards spreads and rises acceptance for these standards. Within member states of the European Union it is mandatory to legally localize P3P. If this does not happen de facto privacy standards are on risk to be lowered to the P3P minimum legal privacy standard. A legally localized P3P can help bridging the gap between de facto and legal privacy standard by incorporating laws into the surfing process.

Legal localization of P3P as a requirement for its privacy enhancing effect 8 Legal localization of P3P - how to? Legal localization of P3P policies Legal privacy standards can require that certain options and fields in P3P may not be used under certain circumstances or may not be used at all. Defining which options and fields are affected for a certain website requires in-depth knowledge of the legal privacy standard applicable to the website provider. To support legal localization policy generators should use legal configuration files which disallow certain fields and options or change the wizard for the building process.

Legal localization of P3P as a requirement for its privacy enhancing effect 9 Legal localization of P3P - how to? Legal localization of P3P agents P3P should be activated by default. Default P3P preferences should be legally localized (e.g. European languages versions of P3P agents should have EU Directive compliant P3P preferences). P3P agents should support an standardized preferences format with import and export capabilities (e.g. an improved APPEL format). Different formats complicate the development of legally localized P3P preferences by 3rd parties. No import function means offering many configuration options within the P3P agent or restricting the privacy protection functionality of P3P. A central download website for legally localized preference files should be referenced visibly within the P3P agent.

Legal localization of P3P as a requirement for its privacy enhancing effect10 Legal localization of P3P - how to? Extensions to the P3P standard Legal localization requires the possibilities to express local laws in P3P format. Currently some requirements of law can only be accounted for in natural language fields (e.g. information that an acceptance of data use may be canceled every time, other: see Alonso-Blas/Hogben last P3P workshop) which undermines core P3P functionality. P3P vocabulary should be extended to maintain at least the standard user rights of privacy protection laws Extended use of P3P in different fields (e.g. mobile devices) may require the extension of base data scheme (e.g. mobile IDs, device profiles/capabilities)

Legal localization of P3P as a requirement for its privacy enhancing effect11 Legal localization of P3P - who should support it? Companies building P3P policy generators Building P3P policies requires more than stating data processing practises in a correct syntax Basic legal requirements could be taken into account in the building process Companies building P3P policy generators should offer configuration files or an option for legally localized policy generation

Legal localization of P3P as a requirement for its privacy enhancing effect12 Legal localization of P3P - who should support it? Companies offering P3P agents P3P requires both parties internet surfer and website to adopt P3P P3P should be activated by default Default preferences of the P3P agent should be legally localized preferences (e.g. European languages versions of the P3P agent with EU Directive compliant P3P preferences) Upload possibility for standardized preferences files with link to website offering legally localized preference files

Legal localization of P3P as a requirement for its privacy enhancing effect13 Legal localization of P3P - who should support it? Authorities supervising legal privacy standards Assistance for website provider Give instructions how to include legal standard into P3P Provide legally localized standard policies for typical web services Assistance for the user Offer legally localized preferences in standardized file format Give instructions for privacy friendly preferences

Legal localization of P3P as a requirement for its privacy enhancing effect14 Legal localization support infrastructure Website provider Companies offering policy generators P3P policy P3P agent preferences Authorities Companies offering P3P agents User 1. uses P3P 2. loads legally localized pref. 3. arranges own pref. 1. P3P activated by default 2. legally localized default preferences 3. Upload possibility with link to legally localized preferences files 1. legallly localized preferences files 2. instructions for privacy friendly pref. 1. legally localized standard policies for typical web services 2. instructions how to include legal standard into P3P policy. includes legal privacy standard in P3P policy configuration files for legally localized policy generation 1. transparency 2. reference to judge privacy level of a website 3. fulfilled legal obligations

Legal localization of P3P as a requirement for its privacy enhancing effect15 The P3P projekt at the ICPP Supporting further privacy friendly development of the P3P standard and P3P applications Legal localization of P3P to encourage usage in accordance with European and German privacy laws Spreading knowledge on P3P and how to use it Targets

Legal localization of P3P as a requirement for its privacy enhancing effect16 The P3P project of the ICPP Legally localized P3P preferences according to European and German privacy laws Analysis of and information on legal privacy requirements for websites Legal checks of P3P policies with “ICPP tested“ seal for law compliant P3P policies (planned) Offers

Legal localization of P3P as a requirement for its privacy enhancing effect17 The P3P project of the ICPP Offers Information on download, installation and privacy friendly configuration of P3P agents Privacy friendly APPEL files for download (planned) Information on writing a privacy policy according to existing data processing practices Adaptable standard P3P policies for typical web services for download (planned)

Legal localization of P3P as a requirement for its privacy enhancing effect18 More information?