W3C home > Mailing lists > Public > public-p3p-spec@w3.org > April 2004

Re: Art 10 Issue 2: Jurisdiction

From: Lorrie Cranor <lorrie@cs.cmu.edu>
Date: Mon, 5 Apr 2004 20:14:17 -0400
Message-Id: <57E84DFA-875F-11D8-ADFB-000A95DA3F5A@cs.cmu.edu>
To: public-p3p-spec <public-p3p-spec@w3.org>

Following up on our discussion form Feb 19, we seem to have a consensus 
on
adding an optional jurisdiction extension to the recipient element
http://lists.w3.org/Archives/Public/public-p3p-spec/2004Feb/0050.html


  jurisdiction= "<JURISDICTION"
   " service=" quoted-URI
   [" short-description=" quotedstring]
  ">"
[longdescription]
  "</JURISDICTION>"



longdescription=<LONG-DESCRIPTION>PCDATA</LONG-DESCRIPTION>


Example:

                                <RECIPIENT>
                                        <EXTENSION><JURISDICTION
   service="http://europa.eu.int/smartapi/cgi/
   sga_doc?smartapi!celexapi!prod!CE
   LEXnumdoc&lg=EN&numdoc=31995L0046&model=guichett"
   short-description="EU law"
  **EU"></JURISDICTION>
                                        </EXTENSION>
                                </RECIPIENT>

   Text for specification:
The jurisdiction extension element allows user agents to make
judgments
about the trustworthiness of a data recipient based on the regulatory
environment they are placed in. Jurisdictions of recipients can be 
rendered
machine readable by inserting a known URI into the service field (e.g. 
the
URI of a body of legislation which applies). For example organizations
within the European Union can be assumed to comply to European data
protection law and could therefore insert the URI of the 95/46
directive as
in the example above. Some jurisdictions prohibit transfer of data to
certain other jurisdictions without the explicit consent of the data
subject. It should be noted therefore declaring the data transfer 
activity
of a recipient using the P3P jurisdiction extension is not sufficient
to guarantee its legality.
Received on Monday, 5 April 2004 20:15:05 EDT

This archive was generated by hypermail pre-2.1.9 : Monday, 5 April 2004 20:15:06 EDT