Compact Privacy Policy: P3P In Two Easy Steps

I realize the importance of having a privacy policy just isn’t what it used to be right after 9/11.  Some time ago, Microsoft started to support displaying compact privacy statements (3).  You can easily view P3P statements by clicking ‘View’ then ‘Web Page Privacy Policy’.  Then click the top entry, which is usually the site/page you are currently viewing.  Then click the Summary button. This causes a request for /w3c/p3p.xml which contains information on finding the sites compact privacy policy.

I seriously doubt many people actually attempt to look for this statement although it should be included in all major websites.

Amazon has a good example of how it looks.  Just go to amazon.com and click View->Web Page Privacy Policy.  You will see how this will look.  Yahoo sends the location of the P3P file via the response header but does not work in IE or FireFox.  I am guessing they are still using an old implementation of P3P.  I tried the header on my server but FireFox nor IE7 was able to pick it up and use it in any way.

Creating a compact privacy policy is very simple and here is how to do it:

Step 1 – Create Compact Privacy Policy Directory and Files

– Create a folder named /w3c in the root site

– Create two files, p3p.xml and p3p_full.xml

Step 2 – XML Compact Privacy Policy Information

– p3p.xml:

<META xmlns="http://www.w3.org/2002/01/P3Pv1">
   <POLICY-REFERENCES>
      <POLICY-REF about="http://www.mydomain.com/w3c/p3p_full.xml">
         <INCLUDE>\*</INCLUDE>
         <COOKIE-INCLUDE name="*" value="*" domain="*" path="*"/>
      </POLICY-REF>
   </POLICY-REFERENCES>
</META>

– p3p_full.xml:

<POLICY name="forBrowsers"
discuri="http://www.mydomain.com/privacy.php">
<ENTITY>
<DATA-GROUP>
<DATA ref="#business.name">mydomain.com</DATA>
<DATA ref="#business.contact-info.postal.street">123 Example St</DATA>
<DATA ref="#business.contact-info.postal.city">Anytown</DATA>
<DATA ref="#business.contact-info.postal.stateprov">CA</DATA>
<DATA ref="#business.contact-info.postal.postalcode">90240</DATA>
<DATA ref="#business.contact-info.postal.country">USA</DATA>
<DATA ref="#business.contact-info.online.email">me@mydomain.com</DATA>
<DATA ref="#business.contact-info.telecom.telephone.intcode">1</DATA>
<DATA ref="#business.contact-info.telecom.telephone.loccode">123</DATA>
<DATA ref="#business.contact-info.telecom.telephone.number">4567890</DATA>
</DATA-GROUP>
</ENTITY>
<ACCESS><nonident/></ACCESS>
<DISPUTES-GROUP>
<DISPUTES resolution-type="independent"
service="http://www.mydomain.com"
short-description="mydomain.com">
<IMG src="http://www.mydomain.com/images/privacy.jpg" alt="Privacy Logo"/>
<REMEDIES><correct/></REMEDIES>
</DISPUTES>
</DISPUTES-GROUP>
<STATEMENT><br /> <PURPOSE><admin/><develop/></PURPOSE>
<RECIPIENT><ours/></RECIPIENT>
<RETENTION><stated-purpose/></RETENTION>
<DATA-GROUP>
<DATA ref="#dynamic.clickstream"/>
<DATA ref="#dynamic.http"/>
</DATA-GROUP>
</STATEMENT>
</POLICY>

At the top of p3p full file, you will see a link to the privacy policy page.  Here you will just insert the link where it is located on your server.

The privacy logo can be just about any image you want.  You can even use the trust-e image if you have it or want to link to it.

There is a lot more information you can provide in the full p3p file (2).

  1. “Section 2 What is P3P and How Does it Work?,” http://p3ptoolbox.org/guide/section2.shtml#IIa.
  2. “The Platform for Privacy Preferences 1.0 (P3P1.0) Specification,” http://www.w3.org/TR/P3P/.
  3. “Web Analytics Insight: P3P – Do we really care about it?,” http://rkapoor.blogspot.com/2007/07/p3p-do-we-really-care-about-it.html.
Advertisements

Computer Programming IT Specialist Computer Repair

Tagged with: , , , , , , , , , , , , , ,
Posted in Technology
2 comments on “Compact Privacy Policy: P3P In Two Easy Steps
  1. Mark says:

    Interesting. Thanks for the info!

  2. saverix says:

    Don’t forgeto to test your p3p policy file at http://www.w3.org/P3P/validator.html

    Thank you!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

That’s Me Ya’ll

%d bloggers like this: