- From: Lorrie Cranor <lorrie@research.att.com>
- Date: Thu, 7 Dec 2000 16:50:19 -0500
- To: "Sotos Barkas" <skbarkas@yahoo.com>, <www-p3p-policy@w3.org>
Good questions... here is my take... others should feel free to jump in too....

> Unless a site re-writes their formal privacy notice to
> use the exact P3P vocabulary and model, it is possible
> that the P3P policy and formal privacy notice are
> different. It is possible for the P3P policy to be a
> summary, while the full privacy notice has more
> information. How significant is it that such
> differences exist? Would a web site's legal counsel
> need additional background?

I think that in most cases the P3P policy will be a summary, and the human-readable policy will have more information. The important thing is that they are consistent. So for example, to take an extreme case -- if the human-readable policy said the same thing as the P3P policy, but had the disclaimer that we only abide by this policy for customers who live in Zimbabwe -- I think the FTC and most courts would find that the site was misleading its customers.

So I think companies should ask:

- Is there anything in our P3P policy that conflicts with what we say in our human-readable policy?
- Are there any qualifications that we make in our human-readable policy but not in our P3P policy that would be likely to mislead people who only look at our P3P policy?

In general I would expect the extra information in the human-readable policy to provide more specific details about the policy. The P3P policy may say we share data with "legal entities following our practices" for example, while the human-readable policy might say something like "From time to time we may share customer data with carefully selected business partners who will treat it with the same degree of care and confidentiality as we do. These partners are selected for their ability to offer you outstanding savings on premium products."

There are also some things that we say in the P3P spec that the P3P language does not provide enough flexibility to express, and therefore the human-readable policy must express them. For example, if a site has a data retention policy they can indicate that in the P3P policy, but the details must be provided in the human-readable policy.

> If the P3P agent view of a policy is not intended to
> exactly represent the full privacy policy, how are
> users educated to the point that P3P should only be a
> general guide and that they still need to read the
> full policy?

That is up to each user agent. But by putting a link to the human-readable policy in the P3P policy, we make it possible for user agents to offer users a button to jump directly to the site's human-readable policy.

> As a reference, please note that the P3P FAQ (item 8)
> includes a list of future improvement considerations,
> one of which is a mechanism for users to explicitly
> agree to a P3P policy and to establish
> non-repudiation.

And certainly the issues you raise will have to be discussed in more detail before such improvements are added. These future improvements will not show up in P3P version 1. If and when we start working on version 2, that's when they will be considered.

Lorrie
Received on Thursday, 7 December 2000 16:54:34 UTC
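The consistency check Lorrie describes above, as an added example that is not part of the thread: it pulls the `discuri` link and each STATEMENT's PURPOSE, RECIPIENT, RETENTION and DATA values out of a P3P policy, then lists the points (shared recipients, retention periods) whose details P3P cannot express and the human-readable notice therefore has to cover. The sample policy and the `NEEDS_PROSE` mapping are constructed for this example; element names follow the P3P 1.0 vocabulary.

```python
import xml.etree.ElementTree as ET
# Constructed sample (not from the thread); element names follow the P3P 1.0
# vocabulary, and namespaces are ignored so draft-era xmlns values parse too.
SAMPLE_POLICY = """<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
  <POLICY name="shop" discuri="https://shop.example/privacy.html">
    <ENTITY><DATA-GROUP><DATA ref="#business.name">Example Shop</DATA></DATA-GROUP></ENTITY>
    <ACCESS><nonident/></ACCESS>
    <STATEMENT>
      <PURPOSE><current/><contact/></PURPOSE>
      <RECIPIENT><ours/><same/></RECIPIENT>
      <RETENTION><stated-purpose/></RETENTION>
      <DATA-GROUP><DATA ref="#user.name"/><DATA ref="#user.home-info.online.email"/></DATA-GROUP>
    </STATEMENT>
  </POLICY>
</POLICIES>"""

# Values whose details P3P cannot express, so the human-readable notice must
# (assumed mapping for this example, not taken from the spec or the thread).
NEEDS_PROSE = {"RECIPIENT": {"same", "other-recipient", "unrelated"},
               "RETENTION": {"stated-purpose", "legal-requirement", "business-practices"}}

def local(tag):
    # Strip the namespace: '{ns}RECIPIENT' -> 'RECIPIENT'
    return tag.rsplit("}", 1)[-1]

def summarize(policy_xml):
    """One dict per <POLICY>: its discuri and each STATEMENT's vocabulary values."""
    policies = []
    for pol in (p for p in ET.fromstring(policy_xml).iter() if local(p.tag) == "POLICY"):
        stmts = []
        for st in (c for c in pol if local(c.tag) == "STATEMENT"):
            claims = {local(g.tag): sorted(local(e.tag) for e in g) for g in st
                      if local(g.tag) in ("PURPOSE", "RECIPIENT", "RETENTION")}
            claims["DATA"] = sorted(d.get("ref") for g in st
                                    if local(g.tag) == "DATA-GROUP" for d in g)
            stmts.append(claims)
        policies.append({"discuri": pol.get("discuri"), "statements": stmts})
    return policies

def review_questions(summary):
    """Items the human-readable notice must cover for the P3P summary to be consistent."""
    out = []
    for pol in summary:
        if not pol["discuri"]:
            out.append("no discuri: user agents cannot link to the full notice")
        for i, st in enumerate(pol["statements"], 1):
            for elem, vague in NEEDS_PROSE.items():
                hit = vague & set(st.get(elem, []))
                if hit:
                    out.append(f"statement {i}: {elem} {sorted(hit)} needs details in the notice")
    return out
```

Run `review_questions(summarize(SAMPLE_POLICY))` to get the two checklist items for the sample: the `<same/>` recipient and the `<stated-purpose/>` retention both need prose in the linked notice.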