Additional three comments on the last call draft of the P3P specification.

Our additional comments are as follows.

1.Assurance of Policy Identity When a Website Change its URL 
Proposal: An indicator is required that indicates invariability of a
policy when a Website changes its URL and its privacy policy URL but
does not change its content and policy.
Reason: Such an indicator shows users that a Website's policy is not
changed though the Website has changed its URL. This indicator also
warns users that a Website changed its policy at the time of URL change.

2.Classification of Collected Data within Websites
Proposal: When a Website changes its policy into more invasive policy,
this Website should inform its new policy to users and obtain new
consents from users about data usage that is beyond the original data
usage on which the Website has already come to an agreement with their
users. In addition, in the same case the Website should classify
collected data as to purposes and recipients to which the users
consented, so as to obtain new consents about excess data usage. We
think the above instructions should be included in P3P Guiding
Principles.

3.Third Party Policy Labeling
Proposal: P3P 1.0 Specification should mention as an example of P3P
implementation that P3P policies of Websites can be created and labeled
by third parties unrelated to the Websites. 
Reason: Introduction of P3P policy by a large number of Websites is
crucial to diffusion of P3P standard. But there seems to be only a
handful of Websites that will create their P3P policy by themselves.
Third party labeling of P3P policy will encourage P3P adoption in
browser (client) side, and promote diffusion of P3P standard.


 Noboru Shimizu
 Development Department
 Senior Manager
 New Media Development Association
 Mita Kokusai Bldg.23F
 1-4-28 Mita,Minato-ku, Tokyo 108-0073, Japan
 (http://www.nmda.or.jp/nmda/nmda-map-e.html)
 Phone +81-3-3457-0671  FAX +81-3-3451-9604
 E-mail;shimizu@nmda.or.jp

Received on Monday, 24 April 2000 21:33:52 UTC