W3C home > Mailing lists > Public > public-privacy@w3.org > January to March 2012

P3P fail

From: Richard Barnes <richard.barnes@gmail.com>
Date: Tue, 21 Feb 2012 08:43:20 -0500
Message-ID: <CACB24Mu8KQV9y6QSFDkbhGG2wPHBvT1fo7BDPi2HZ_zZXc+GtQ@mail.gmail.com>
To: public-privacy@w3.org
Internet Explorer is configured by default to reject cookies unless a
certain P3P policy is present.  Google, Facebook, et al. say "This is
not a P3P policy".  According to Lorrie Cranor, this practice is used
by around 1/3 of websites, including msn.com and live.com.

"Microsoft uses a 'self-declaration' protocol (known as 'P3P') dating
from 2002 under which Microsoft asks websites to represent their
privacy practices in machine-readable form," Google Senior VP of
Communications and Policy Rachel Whetstone says in a statement
e-mailed to Ars. "It is well known—including by Microsoft—that it is
impractical to comply with Microsoft’s request while providing modern
web functionality."

Received on Tuesday, 21 February 2012 13:43:54 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:23:53 UTC