W3C home > Mailing lists > Public > public-p3p-spec@w3.org > July 2003

Re: Grouping Statements Proposal

From: Matthias Schunter <mts@zurich.ibm.com>
Date: Wed, 30 Jul 2003 08:53:59 +0200
Message-Id: <5.1.0.14.2.20030730084836.031cb9f0@localhost>
To: "Jeremy Epling" <jepling@windows.microsoft.com>, <public-p3p-spec@w3.org>

Hi Jeremy,

thanks for your design. I feel that grouping statements is a good idea.

The actual syntax for grouping is elaborated in our earlier draft on 
consent choices:
  http://www.w3.org/P3P/2003/05-cc-changes-to-P3P.html

I feel that grouping statements is a good idea for multiple purposes.
Therefore, I feel that we should have a general group mechanism where each 
group should have multiple properties:
- opt-in opt-out or always (from consent choices)
   syntactically this can be implicit: either all statements are 
always/opt-in, or opt-out.
- target (something specifying whether it's the ebay or amazon part)
   The target is something that might be useful to add to your proposal.
   I don't know how to express this in a nice syntax.

Why don't we merge both proposals into a "grouping statements" proposal?

Regards,

matthias



At 07:00 PM 7/29/2003 -0700, Jeremy Epling wrote:

>Below are the basics of my proposal for statement grouping.
>
>
>
>Problems
>    * Policies are not relevant to how a user interacts with the site
>        * Users don t know what part of a P3P policy applies to them and 
> there activities on a site
>        * Users understand scenarios of how they interact with a site 
> better than a series of statements related to a feature of the site
>    * Policy authors have to make highest common denominate policies that 
> could look more privacy impacting than they are for most users
>
>
>Goals
>    * Provide a method for showing the sections of the P3P policy that 
> apply to how a user interacts with the site/service
>    * Allow an easy way for policy authors to describe what sections of 
> their P3P policy apply to different user interaction with their site/service
>
>
>Scenarios
>    * User browses to ebay and views the P3P policy. They are able to skip 
> to the buyer section of the P3P policy since that is what applies to them.
>    * User browses to amazon and views the P3P policy. The can see that 
> since they are not logged in less information is collected about them.
>
>
>Design
>
>
>
>The P3P author decides the name of the statement group which is used in 
>the display of the agent when it translates the nodes to natural language.
>
>
>
><Statement>
>
>             <extention>
>
>                         <grouping-id>Member</grouping-id>
>
>             </extention>
>
><statement>
>
>
>
>Issues
>    * Do agents now show conflicts per grouping?
>
>
>Jeremy Epling
>Windows - Privacy and Trust UX
>
><BLOCKED::>wpihelp - where to go for all your privacy questions
>
>

-- Dr. Matthias Schunter <mts (at) zurich.ibm.com> ---
IBM Zurich Research Laboratory,   Ph. +41 (1) 724-8329
Fax +41-1-724 8953; More info at www.semper.org/sirene
PGP Fingerprint    989AA3ED 21A19EF2 B0058374 BE0EE10D
Received on Wednesday, 30 July 2003 03:01:12 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 17 March 2004 17:46:26 EST