W3C home > Mailing lists > Public > public-p3p-spec@w3.org > February 2004

Re: Art 10 Issue 1: Purpose Specification

From: Rigo Wenning <rigo@w3.org>
Date: Mon, 9 Feb 2004 18:12:31 +0100
To: "'public-p3p-spec'" <public-p3p-spec@w3.org>
Message-ID: <20040209171231.GM1079@accueil.w3.org>

Note, that the EU communications directive requires this kind of
information especially before a cookie can be set to the user machine.
So forms and cookies are the two special cases. While forms are much
more comprehensible, the info transferred by cookies is more opaque and
more p3p is needed IMHO ;)

Best, 

Rigo

On Fri, Feb 06, 2004 at 12:16:20PM -0500, Lorrie Cranor wrote:
> At sites that include form fields, user agents SHOULD provide notice 
> about the corresponding privacy practices prior to form submittal. 
> Besides being best practice, this may be needed in order to comply with 
> regulations in some jurisdictions (such as the European Union) that 
> require a notice about the purpose of data collection to be presented 
> to the user before any personal information is captured. User interface 
> designs should recognize that the privacy policy for the form's action 
> URI may be different than the privacy policy for the HTML page in which 
> the form is embedded. In order to allow users to view privacy policy 
> information associated with action URIs prior to form submittal, user 
> agents might include a privacy tab that loads policy information for 
> action URIs as a page loads, a button or menu item that causes policy 
> information for action URIs to be displayed, or a pop-up that appears 
> when a user begins entering information into a form field.
> 
> 
Received on Tuesday, 10 February 2004 09:32:55 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 17 March 2004 17:46:29 EST