- From: Christopher D. Hunter <chunter@asc.upenn.edu>
- Date: Thu, 13 Apr 2000 13:09:41 -0400
- To: www-p3p-public-comments@w3.org
To: Diedre Mulligan, Ari Schwartz, Ann Cavoukian, and Michael Gurski, I recently had the opportunity to read your paper "P3P and Privacy: An Update for the Privacy Community," (http://www.cdt.org/privacy/pet/p3pprivacy.shtml) and think on the whole it is a quite reasonable document. The most important point, and one that you will need to hammer other W3C members with, particularly the DMA, is that P3P alone is not enough to protect peoples privacy. Make this point loud, clear, and often, because Congress loves to think that technological solutions are all that is needed. Current legislative support for filters in libraries is a perfect example of this blind faith in technological solutions to complex social problems. Here are a few of my more critical comments: - At the beginning of the document you comment that P3P "will bring a measure of ease and regularity to Web users wishing to decide when and under what circumstances to disclose personal information." This seems like a very premature conclusion given that no one has demonstrated a simple to configure, edit, and use P3P browser module. Lorrie's own comments (http://www.webtechniques.com/archives/1999/09/ackerman/) point to the incredible complexity of the system. Complexity can be addressed in two ways. One, develop an interface which reflects the vast array of possible privacy preferences. This interface will be incredibly complex and daunting for the average user to set up. The other option is to use some type of simplified template. However, using a template means decreasing transparency as users are forced to buy into preset and perhaps poorly described "protection categories." Who will develop these templates? The only people with the economic resources to do so will be industry sponsored groups who will have an incentive to set low privacy protection defaults. This seems to me to be disempowering. Perhaps my fears will be set aside at the June 21st "Test Drive" of P3P implementations, but given the infinite set of individuals privacy preferences, and the near infinite set of information that datamarketers would like to collect, I'm not particularly confident that P3P will ever be able to produce an empowering, yet easy to use, end user interface. - In the same paragraph you comment "It offers an important opportunity to build greater technical support for privacy-informed Web users." Well what about all of the non privacy-informed users? The evidence I've seen shows that the vast majority of net users have no idea how much personally identifiable information can be gleaned from simple web surfing. These uninformed surfers will simply accept industry distributed default templates, which may in fact hide the many ways that sites collect personal information. - On page two you note that P3P "does help create a framework for informed choice on the part of consumers." Again, consumers will be forced to accept the rules of P3P templates which means that template developers and not individual consumers are really making the informed choices. By analogy, are consumers making an informed choice when they choose to accept all cookies by default? Well, sort of. I tried surfing with cookies turned off and realized that it was simply impossible. As a result, I was forced to make the decision to once again accept all cookies by default. Does that mean I'm making informed choices about what cookies I will accept? The same thing will happen with P3P default templates, people will be forced to trade in truly informed choice for ease of surfing. - Also on page two you comment that the "W3C does not wish to become the forum for public policy debates." This "techno-policy-neutral" position is ludicrous. The instant the W3C conceived of privacy as a set of "preferences" and not a fundamental human right, they themselves made a policy decision. After all, the W3C could have decided instead to develop a protocol which would enhance anonymity or pseudonymity, but of course it didn't. The W3C should simply admit that it's Technology and Society Domain is inevitably a public policy organization, which just so happens to have the power to implement its values through code. - On page four, item number two, you note that with P3P "Users could more easily read privacy statements before entering web sites." Unfortunately, end users will not be reading the policies, rather their user agents will. Given the problems I see arising with templates, this may actually be disempowering. - Under item number three you comment that P3P will cut through current privacy policy legalese. In my opinion it will simply substitute complicated human readable legalese with complicated machine readable legalese. Have you ever tried to read through an APPEL rule line by line?! Once again clarity and informed choice will be in the eye of the beholder, or should I say the P3P template developers. - On page five, item number four you point to P3P potentially leading to a plethora of new privacy protecting standards, organizations, and technologies. This may be true, but the W3C's own experiences with PICS and PICS label bureaus shows that third parties are unlikely to arise. Instead, one or two default P3P templates will develop, thus limiting consumer choice. The best analogy is the emergence of RSACi and SafeSurf as the only widely supported PICS-based rating systems. All of this points to the need of the W3C and its member organizations, to better understand the network and standardization effects which will be applied to any newly released Internet protocol. An excellent discussion of these forces as they apply to privacy, is provided by Jerry Kang in his "Information Privacy in Cyberspace Transactions" essay which appeared in the Stanford Law Review, Vol. 50, April 1998. In conclusion, it's heartening to see that the W3C's most recent release of the P3P specification has responded, at least in part, to the information asymmetry and categorization concerns raised by myself, Karen Coyle, and many others. Nevertheless, the protocol still faces serious issues, especially with regards to implementation. If the complexity, templates, and network effects arguments are not adequately addressed, P3P, like PICS before, will likely fail to be adopted by a critical mass of web sites and end users. Christopher D. Hunter Ph.D. Candidate Annenberg School for Communication University of Pennsylvania 215-732-4612 chunter@asc.upenn.edu http://www.asc.upenn.edu/usr/chunter/
Received on Thursday, 13 April 2000 13:00:43 UTC