P3P A New Standard in Online Privacy Overview and Demos from Summer 2000.

Slides:

Advertisements

Similar presentations

The Web Wizards Guide to Freeware/Shareware Chapter Four Essential Tools for Web Page Authors.

Advertisements

Using EBSCOs Search Box Builder Tool Tutorial. Would you like to promote your EBSCOhost resources by adding an easy-to-use search box to your website?

Services Course Windows Live SkyDrive Participant Guide.

U.S. Department of Commerce Web Advisory Group Implementing Machine Readable Privacy Requirements of the E-Gov Act.

© 2010 Delmar, Cengage Learning Chapter 1 Getting Started with Dreamweaver.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research

CPSC 203 Introduction to Computers Tutorial 59 & 64 By Jie (Jeff) Gao.

6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?

XP Browser and Basics1. XP Browser and Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.

Privacy and Security on the Web Part 1. Agenda Questions? Stories? Questions? Stories? IRB: I will review and hopefully send tomorrow. IRB: I will review.

Michael Donovan, River Campus Libraries – 12/03 DocuShare Overview and Training.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

Personalization vs. Privacy Invasion © 2001 Ann Schlosser, University of Washington Business School.

Lorrie Faith Cranor AT&T Labs-Research Online Privacy Promise or Peril?

1 of 6 Parts of Your Notebook Below is a graphic overview of the different parts of a OneNote 2007 notebook. Microsoft ® OneNote ® 2007 notebooks are digital.

1 of 6 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

Privacy Implications of Online Data Collection Lorrie Faith Cranor AT&T Labs-Research DIMACS Workshop.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

CMU Usable Privacy and Security Laboratory Power Strips, Prophylactics, and Privacy, Oh My! Julia Gideon, Serge Egelman, Lorrie.

Browser and Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.

APACHE SERVER By Innovationframes.com »

The Internet & Web Browsers Business Webpage Design Kelly Seale.

Online Privacy Technologies Dr. Lorrie Faith Cranor AT&T Labs-Research NTIA Online Privacy Technologies Workshop.

Lorrie Faith Cranor AT&T Labs-Research Online Privacy What are People So Concerned About and What is Being Done About it?

1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.

WorkPad 4 Quick Start WorkPad 4 Quick Start  Business Optix brings the rigor and discipline of business modelling and design into.

Automated Tracking of Online Service Policies J. Trent Adams 1 Kevin Bauer 2 Asa Hardcastle 3 Dirk Grunwald 2 Douglas Sicker 2 1 The Internet Society 2.

Hosted Exchange The purpose of this Startup Guide is to familiarize you with ExchangeDefender's Exchange and SharePoint Hosting. ExchangeDefender.

With Internet Explorer 9 Getting Started© 2013 Pearson Education, Inc. Publishing as Prentice Hall1 Exploring the World Wide Web with Internet Explorer.

Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.

Chapter 3. Table have many uses in a HTML design but are mostly used for the organization of your web site. Tables also give vertical and horizontal structure.

Adobe Dreamweaver CS3 Revealed CHAPTER ONE: GETTING STARTED WITH DREAMWEAVER.

Architecture Of ASP.NET. What is ASP?  Server-side scripting technology.  Files containing HTML and scripting code.  Access via HTTP requests.  Scripting.

Classroom User Training June 29, 2005 Presented by:

INTRODUCTION TO FRONTPAGE. TOPICS TO BE DISCUSSED……….  Introduction Introduction  Features Features  Starting Front Page Starting Front Page  Components.

Create Your Own Webpage. Fun with images Today we’ll cover –Working with images Including an image on your page Making the image a link Editing images.

Privacy Policy, Law and Technology Carnegie Mellon University Fall 2004 Lorrie Cranor 1 P3P I Week 6 - October.

®® Microsoft Windows 7 Windows Tutorial 5 Protecting Your Computer.

Network Management Tool Amy Auburger. 2 Product Overview Made by Ipswitch Affordable alternative to expensive & complicated Network Management Systems.

Privacy, P3P and Internet Explorer 6 P3P Briefing – 11/16/01.

The Future of P3P Ari Schwartz Center for Democracy and Technology Lorrie Faith Cranor AT&T Labs-Research November 2002.

How P3P Works Lorrie Faith Cranor P3P Specification Working Group Chair AT&T Labs-Research 4 February 2002

CPSC 203 Introduction to Computers Lab 23 By Jie Gao.

1 WS-Privacy Paul Bui Ryan Dickey. 2 Agenda  WS-Privacy  Introduction to P3P  How P3P Works  P3P Details  A P3P Scenario  Conclusion  References.

P3P: User Empowerment Tools for Web Privacy Daniel J. Weitzner World Wide Web Consortium 23 April 2001 National Association of Attorneys General.

Use of a P3P User Agent by Early Adopters Lorrie Faith Cranor Manjula Arjula Praven Guduru AT&T Labs November 2002.

1 After completing this lesson, you will be able to: Transfer your files to the Internet. Choose a method for posting your Web pages. Use Microsoft’s My.

U.S. Department of Commerce Web Advisory Group Minding Your Own Business The Platform for Privacy Preferences Project.

The Platform for Privacy Preferences (P3P) Workshop on the Relationship between Privacy and Security Lorrie Faith Cranor P3P Specification Working Group.

Restoring Privacy, Cleaning Your Computer's Cookies and Beacons.

XP New Perspectives on Microsoft Windows XP Tutorial 5 1 Microsoft Windows XP Bringing the World Wide Web to the Desktop Tutorial 5.

Microsoft Office 2008 for Mac – Illustrated Unit D: Getting Started with Safari.

Jump to first page Search Corner Wired 2000 Corporation Inc. Search Corner Web Companion Taking the Browser, Further.

CMPE 494 Service-Oriented Architectures and Web Services Platform for Privacy Preferences Project (P3P) İDRİS YILDIZ

The Internet & Web Browsers Business Webpage Design Created by Kelly Seale Adapted by Jill Einerson.

Top Ten Ways to Protect Privacy Online -Abdul M. Look for privacy policies on Web Sites  Web sites can collect a lot of information about your visit.

11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.

Windows Vista Configuration MCTS : Internet Explorer 7.0.

Web Analytics Fundamentals Presented by Tejaswi, Chandrika, Sunil.

Visualizing Privacy I March 7, 2006.

How P3P Works Lorrie Faith Cranor P3P Specification Working Group Chair AT&T Labs-Research 4 February

Configuring Internet-related services

Web Privacy Chapter 6 – pp 125 – /12/9 Y K Choi.

Business Zone - Clearing your Cache

Tutorial Introduction to help.ebsco.com.

The Platform for Privacy Preferences Project

Presentation transcript:

P3P A New Standard in Online Privacy Overview and Demos from Summer 2000

2 P3P1.0 – A first step Offers an easy way for web sites to communicate about their privacy policies in a standard machine-readable format  Can be deployed using existing web servers This will enable the development of tools (built into browsers or separate applications) that:  Provide snapshots of sites’ policies  Compare policies with user preferences  Alert and advise the user

3 P3P is part of the solution P3P1.0 helps users understand privacy policies but is not a complete solution Seal programs and regulations  help ensure that sites comply with their policies Anonymity tools  reduce the amount of information revealed while browsing Encryption tools  secure data in transit and storage Laws and codes of practice  provide a base line level for acceptable policies

4 Using P3P on your Web site 1.Formulate privacy policy 2.Translate privacy policy into P3P format  Use a policy generator tool 3.Place P3P policy on web site  One policy for entire site or multiple policies for different parts of the site 4.Associate policy with web resources:  Place P3P policy reference file (which identifies location of relevant policy file) at well-known location on server;  Configure server to insert P3P header with link to P3P policy reference file; or  Insert link to P3P policy reference file in HTML content

5 P3P policies Machine-readable (XML) version of web site privacy policies Use P3P Vocabulary to express data practices Use P3P Base Data Set to express type of data collected Capture common elements of privacy policies but may not express everything (sites may provide further explanation in human- readable policies)

6 The P3P vocabulary Who is collecting data? What data is collected? For what purpose will data be used? Is there an ability to opt- in or opt-out of some data uses? Who are the data recipients (anyone beyond the data collector)? To what information does the data collector provide access? What is the data retention policy? How will disputes about the policy be resolved? Where is the human- readable privacy policy?

7 P3P informs Web surfers privacy manager button

8 Transparency P3P clients can check a privacy policy each time it changes P3P clients can check privacy policies on all objects in a web page, including ads and invisible images

9 A simple HTTP transaction Web Server GET /index.html HTTP/1.1 Host: Request web page HTTP/ OK Content-Type: text/html... Send web page

10 … with P3P 1.0 added Web Server GET /w3c/p3p.xml HTTP/1.1 Host: Request Policy Reference File Send Policy Reference File GET /index.html HTTP/1.1 Host: Request web page HTTP/ OK Content-Type: text/html... Send web page Request P3P PolicySend P3P Policy

11 P3P today Intuitive – promotes a seamless browsing experiences while addressing privacy concerns Transparent – makes privacy policies clear to Web users Flexible – compatible with both regulatory and self- regulatory approaches, and with other technology tools Global – developed with international diversity in mind End-to-End – provides tools to more easily create policies and checks sites for privacy assurance seals Expandable – future versions could support automatic negotiation of privacy agreements and digital signature- based authentication Available – demos currently available

12 P3P enabled web sites And many more….

P3P User Agent Demos Microsoft/AT&T P3P Browser Helper Object Idcide Privacy Companion YOUpowered Orby Privacy Plus

14 Microsoft/AT&T P3P browser helper object A prototype tool designed to work with Microsoft Internet Explorer Browser Not yet fully tested, still missing some features

15 Preference settings

16

17 When preferences are changed to Disallow profiling, the privacy check warns us that this site profiles visitors

18 IDcide Privacy Companion A browser plug-in that adds functionality to Netscape or Internet Explorer browsers Includes icons to let users know that sites use first- and/or third-party cookies Enables users to select a privacy level that controls the cookie types allowed (1 st or 3 rd party) Prevents data spills to 3 rd parties through “referer” Let’s users view tracking history Prototype P3P-enabled Privacy Companion allows for more fine-grained automatic decision making based on P3P policies

19 Searching for a P3P policy No P3P policy found P3P policy is NOT acceptable P3P policy is acceptable IDcide P3P Icons

20 Double clicking on the P3P icon indicates where the site’s policy differs from the user’s preferences

21 YOUpowered Orby Privacy Plus A tool bar that sits at the top of a user’s desktop and allows a user to  Accept or deny cookies while surfing  Decide how, when and where to share personal information  Store website passwords  Enjoy the convenience of "one-click" form-fill P3P features in prototype automatically rate web sites based on their P3P policies

22 Trust Meter

23 Orby cookie prompt

24 Orby preference setting menu

Policy Generator Demos IBM P3P Policy Editor PrivacyBot.com YOUPowered Consumer Trust Policy Manager Wizard

26 IBM P3P Policy Editor Allows web sites to create privacy policies in P3P and human-readable format Drag and drop interface Available from IBM AlphaWorks site:

27 Sites can list the types of data they collect And view the corresponding P3P policy

28 Properties windows allows sites to specify detailed information about how each type of data is used.

29 PrivacyBot.com Allows webmasters to fill out an online questionnaire to automatically create a human-readable privacy policy and a P3P policy

30 YOUpowered Consumer Trust Policy Manager wizard

For more information about P3P, please visit our web site