- From: Lorrie Cranor <lorrie@cs.cmu.edu>
- Date: Fri, 6 Feb 2004 12:16:20 -0500
- To: Giles Hogben <giles.hogben@jrc.it>
- Cc: 'public-p3p-spec' <public-p3p-spec@w3.org>
I suggest this be added as a subsection of section with the title "Timing of Notices to Users" While the directive is asking for notice about purpose, I could imagine other jurisdictions asking for notice about say, data recipients or data retention as well. So i don't think we should limit our discussion to notice about purpose. I also think we need to spell things out a bit more so that people understand what data might be transmitted before a page is displayed. It is also not entirely clear to me how clickstream information comes into play here. Here is a proposal: Timing of Notices to Users As a best practice, users should receive notice about a site's privacy practices prior to their user agent transmitting any personal data. In order to do this, a user agent would need to fetch a P3P policy prior to loading a page following the guidelines specified in section 2.4.3 The "Safe Zone." However, implementers will need to consider the performance, usability, and privacy tradeoffs associated with displaying privacy information prior to loading a page. One way that privacy and usability might be simultaneously maximized is to treat all requests made prior to display of policy information as "safe zone" requests. At sites that include form fields, user agents SHOULD provide notice about the corresponding privacy practices prior to form submittal. Besides being best practice, this may be needed in order to comply with regulations in some jurisdictions (such as the European Union) that require a notice about the purpose of data collection to be presented to the user before any personal information is captured. User interface designs should recognize that the privacy policy for the form's action URI may be different than the privacy policy for the HTML page in which the form is embedded. In order to allow users to view privacy policy information associated with action URIs prior to form submittal, user agents might include a privacy tab that loads policy information for action URIs as a page loads, a button or menu item that causes policy information for action URIs to be displayed, or a pop-up that appears when a user begins entering information into a form field. On Thursday, February 5, 2004, at 03:00 AM, Giles Hogben wrote: > > Apart from the issue on primary purpose, the following is the latest > suggested text for the UA Guidelines > > Some jurisdictions (E.g. the European Union) require human readable > information on purpose of collection to be presented to the user > before any > information is captured. One way to comply with this is to present > human > readable translations of policies for action uri's of forms > simultaneously > with the forms. As a best practice, information on purposes should be > made > available before any personal information is transmitted. This might be > achieved be achieved for example by a privacy tab which is > synchronised to > display information before pages load, or by including information > which is > displayed on clicking a link. > > > ------------------------------------- > Giles Hogben > European Commission Joint Research Centre > Institute for the Protection and Security of the Citizen Cybersecurity > New technologies for Combatting Fraud Unit > TP 267 > Via Enrico Fermi 1 > Ispra > 21020 VA > Italy > > giles.hogben@jrc.it > tel:+390332789187 > fax:+390332789576 > >
Received on Friday, 6 February 2004 12:15:55 UTC