- From: Rigo Wenning <rigo@w3.org>
- Date: Mon, 28 Apr 2003 14:29:16 +0200
- To: public-p3p-ws@w3.org
Dear all,
you were participants in the first workshop on the Future of P3P. In
Dulles/Virginia we were talking about the near future and bugfixing in
P3P 1.0. Now W3C is organizing a second workshop to think about
long-term goals.
At the same time, we will collect feedback and interest about
standardization of a more fine grained Enterprise Privacy Language.
If you are interested, see the attached CfP
Best,
--
Rigo Wenning W3C/ERCIM
Policy Analyst Privacy Activity Lead
mail:rigo@w3.org 2004, Routes des Lucioles
http://www.w3.org/ F-06902 Sophia Antipolis
=========================================================================
W3C is holding a workshop on the long-term Future of P3P
and Enterprise Privacy Languages. This workshop is being
organized by the P3P Specification Working Group, a part of the
W3C Privacy Activity. It is hosted by the Independent Center for Privacy
Protection.
Date: 18 - 20 June 2003
Location: Kiel, Schleswig-Holstein, Germany
The Workshop page is at:
http://www.w3.org/2003/p3p-ws/
The call for participation is available at:
http://www.w3.org/2003/p3p-ws/cfp-kiel.html
The full call for participation contains information about registration
requirements and procedures, and a link to the online registration
form. The deadlines for this workshop are:
Position papers due: 24 May 2002
Registration closes: 4 June 2003
Complete program available: 7 June 2003
Please note that while this workshop is an open event, there is an
attendance limit of 75. To ensure maximum diversity among participants,
the number of participants per organization will be limited in the
event that more than 75 individuals wish to participate.
Scope of the Workshop
The workshops on the first two days will discuss technology and policy
considerations for the long-term future of P3P including new features or
applications of P3P and longer-term P3P-related research and advanced
development. Those might well address technical problems with P3P1.0,
policy goals that P3P may help address, requirements unmet by P3P1.0,
and legal or policy questions that have arisen as a result of P3P
implementation with a perspective on the long-term future.
On the third day, the EPAL session will explore various industry use
case scenarios and regulatory templates for EPAL policies and
enforcement scenarios. The goal is to present EPAL capabilities in a
public forum and to collect interest and feedback on the idea of a more
fine grained Enterprise Privacy Language (like EPAL e.g.). It will also
discuss which follow-up will be appropriate in this sector.
Goal of the Workshop
The World Wide Web Consortium is sponsoring a workshop to discuss future
applications of P3P and the Enterprise Privacy Languages, and get
feedback on what additional specifications or coordination efforts might
be necessary to support them. We are inviting position papers that
discuss either technology or policy considerations (or both) for the
long-term future of P3P. Papers can be based on the current P3P
specification, but also go beyond backwards compatibility to P3P 1.0.
The results of this workshop will inform W3C's decision making on future
P3P strategy, stimulate discussions of new developments and directions
for the long-term future of P3P and privacy metadata based solutions in
general and facilitate coordination with organizations engaged in
related efforts.
We also want to evaluate the interest in enterprise privacy policy
enforcement languages and to consider the relationship and/or
integration of such a language with respect to P3P. One proposal for
Enterprise Privacy languages that has come to the attention of the
Workshop co-chairs is Enterprise Privacy Authorization Language (EPAL),
developed by IBM. It is an example of such a formalized and
fine-grained purpose-based enterprise privacy policy language that
provides enterprise enforcement opportunities for P3P 1.0 declarative
policies.
The goals for the Enterprise Privacy Languages area are:
* Evaluate EPAL as a basis for industry consensus in this area.
* Discuss other alternatives for enterprise privacy policy
languages based on position papers.
* Discuss next steps concerning a fine-grained
privacy/authorization language.
Expected Audience
We expect several communities to contribute to the workshop:
* Organizations that develop P3P software
* Organizations with P3P-enabled Web sites
* Technologists from academia and industry who are experimenting
with P3P and related technologies
* Organizations that represent industry sectors on privacy issues
or promote industry self-regulatory efforts related to privacy
(industry associations, privacy seal providers, etc.)
* Privacy activists and organizations that represent individuals on
privacy issues
* Academic scholars who are studying privacy technology and policy
issues
* Organizations that are developing standards that may use P3P
* Government regulators and policy makers (and members of their
staff) from around the world
Deliverables
The workshop is expected to result in the following deliverables:
* Workshop position papers
* Workshop presentations
* Workshop minutes
* Workshop Summary Reports on the future of P3P and Enterprise
Privacy Authorization Language
These will be published on the workshop home page.
Contact Information
Should you have questions please feel free to contact one of the
Workshop chairs: Brian Zwit (AOL) <BrianP3P@aol.com>; Steven Adler (IBM)
<adler1@us.ibm.com>; or Rigo Wenning (W3C), who also serves as Team
Contact <rigo@w3.org>.
For Rigo Wenning, W3C Privacy Activity Team Contact;
Janet Daly, Head of Communications
Received on Monday, 28 April 2003 08:29:23 UTC