Some Comments on P3P

P3P Development Team,

I would like to call your attention to a policy paper I have recently
written critiquing industry self-regulation and P3P.  My paper is
basically a longer version of Jason Catlett's recent P3P comments.  I
hope that my work will provide you with a good overview of why many
privacy rights groups are somewhat skeptical of P3P.

Recoding the Architecture of Cyberspace Privacy: Why Self-Regulation and
Technology Are Not Enough

http://www.asc.upenn.edu/usr/chunter/p3p.html


I would like to thank Lorrie Cranor for her helpful comments.  After
discussing recent developments with her I am somewhat more confident
that P3P may have a role to play once basic OECD-like privacy laws are
passed in the US.  I would encourage the P3P development team to give a
much clearer explanation of how an APPEL policy could enforce such laws.
A step-by-step explanation of an APPEL rule that would enforce the EU
Data Directive would be very valuable.  Even with such a description
however, I still believe that P3P will suffer from complexity and
information asymmetry critiques.

Finally, a few comments at the syntax level of the most recent P3P spec draft:

- Under the POLICY entity or the DISCLOSURE element, why not require
sites to also list a contact person and the address of the company? 
This type of addition would go a long way towards ameliorating the
information asymmetry critique.  I also believe that it will become a
necessity if governments eventually set up "privacy clearinghouses"
which certify company privacy practices.  Perhaps all of this can
already be done with APPEL?

- I believe that the DISCLOSURE access element needs to be expanded. 
Rather than offer a rather worthless statement that a site may give you
access to some information they have collected, why not require that
this element be attached to every data type collected.  I suppose that
this would look something like this:

<DATA name="user.gender" access="yes/no"/>

This would increase the level of specificity, thus allowing users
greater control over their disclosure decisions.

- The Categories element needs to be extended and tweaked.  Perhaps the
most obvious category that should be added is "Health Information,"
which many surveys show people are particularly concerned about.  The
Demographic and Socio-economic Data category should be disaggregated
into multiple separate categories such as Race, Income, etc.  People
value these elements differently and would likely not want them lumped
into one general category.  I'm sure the EU would be particularly
interested in a Race or Protected Minority category.  This opens up a
can of political worms, but the current Demographic/Socio-economic
category is far too broad and limits end users' ability to express exact
privacy preferences.

- I am somewhat concerned that an APPEL rule could also make blocking
decisions based on PICS labels.  I don't think that a "privacy
enhancing" technology should also be in the business of content
filtering.  I foresee groups distributing APPEL rule sets claiming that
they are meant to protect privacy, when in fact there is a hidden
censorship/access limitation agenda.

I hope that my paper and comments are of use to your development team,
and I look forward to any comments you may have.


Christopher D. Hunter
Ph.D. Candidate
Annenberg School for Communication
University of Pennsylvania
215-732-4612
chunter@asc.upenn.edu
http://www.asc.upenn.edu/usr/chunter/

Received on Tuesday, 4 January 2000 13:40:45 UTC
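As an added illustration of two of the syntax suggestions in the message above (the per-element access attribute on DATA, and finer-grained categories), here is a small evaluator for a P3P-style policy. This is example code, not code from the message, from the P3P working draft, or from the APPEL specification: the policy text, the element and category names, and the first-match rule list that stands in for APPEL are all constructed for the example, and the access="yes"/"no" attribute on DATA is the author's proposal rather than part of the spec.

```python
"""Added example: evaluating privacy preferences against a P3P-style policy.

Not code from the message above or from the P3P/APPEL specifications.  It
assumes the per-element access="yes"/"no" attribute on DATA proposed in the
message, and a simplified first-match rule list that stands in for APPEL.
The policy text, data element names and category names are constructed.
"""
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Constructed sample policy.  Categories are written as empty child elements
# of CATEGORIES; "health" is one of the finer-grained categories the message
# argues for, alongside splitting demographic from socio-economic data.
SAMPLE_POLICY = """\
<POLICY>
  <DISCLOSURE discuri="http://www.example.com/privacy.html"/>
  <STATEMENT>
    <DATA name="user.gender" access="yes"><CATEGORIES><demographic/></CATEGORIES></DATA>
    <DATA name="user.income" access="no"><CATEGORIES><socioeconomic/></CATEGORIES></DATA>
    <DATA name="user.health.condition" access="no"><CATEGORIES><health/></CATEGORIES></DATA>
  </STATEMENT>
</POLICY>
"""

# Same data, but lumped into one coarse category (constructed), to show what
# a user loses when demographic and socio-economic data are not separated.
COARSE_POLICY = """\
<POLICY>
  <STATEMENT>
    <DATA name="user.gender" access="yes"><CATEGORIES><demographic/></CATEGORIES></DATA>
    <DATA name="user.income" access="no"><CATEGORIES><demographic/></CATEGORIES></DATA>
  </STATEMENT>
</POLICY>
"""


@dataclass(frozen=True)
class DataElement:
    name: str
    categories: frozenset
    access: str  # "yes" or "no": the proposed per-element attribute


def parse_policy(xml_text):
    """Collect every DATA element with its categories and access flag.

    A DATA element with no access attribute is treated as access="no", so a
    site gets no credit for an access right it did not state.
    """
    root = ET.fromstring(xml_text)
    elements = []
    for data in root.iter("DATA"):
        cats = data.find("CATEGORIES")
        names = frozenset(c.tag for c in cats) if cats is not None else frozenset()
        elements.append(DataElement(data.get("name"), names, data.get("access", "no")))
    return elements


@dataclass(frozen=True)
class Rule:
    """One preference rule: fire `behavior` on any data element in `category`.

    With require_access=True the rule fires only when the element is in the
    category AND the site does not grant access to it.
    """
    behavior: str          # "block" or "request" (simplified stand-in for APPEL behaviors)
    category: str
    require_access: bool = False


def evaluate(rules, elements):
    """First-match evaluation: the first rule that fires decides the outcome.

    Returns (behavior, element name) for the firing rule, or ("request", None)
    when no rule fires and the default is to proceed.
    """
    for rule in rules:
        for el in elements:
            if rule.category not in el.categories:
                continue
            if rule.require_access and el.access == "yes":
                continue
            return rule.behavior, el.name
    return "request", None


if __name__ == "__main__":
    elements = parse_policy(SAMPLE_POLICY)
    # Block health data outright; tolerate socio-economic data only when the
    # site grants access to it.
    prefs = [Rule("block", "health"),
             Rule("block", "socioeconomic", require_access=True)]
    print(evaluate(prefs, elements))
```

Against SAMPLE_POLICY a rule on "socioeconomic" with require_access=True fires on user.income (no access) but a similar rule on "demographic" lets user.gender through, which is exactly the per-element distinction the proposed attribute would enable. Against COARSE_POLICY the user has no way to object to income without also blocking gender, since both sit in the single "demographic" category.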