P3P is the Platform for Privacy Preferences Project. It was developed by the W3C, (World Wide Web Consortium) as a protocol for providing automated privacy information to the end user, giving them more control over their own personal information at the web sites they visit.
P3P websites offer privacy information in a machine-readable format and P3P enabled browsers can read this and compare it to their own privacy standards. This protocol provides a standardization of privacy statements and presents it in a format that allows surfers to act on the information they are provided with.
The two main goals of implemented P3P policies are:
* To enable Web sites to present their data-collection practices in a standardized, computer-readable, easy-to-locate manner
* To enable Web users to understand what data will be collected by sites, how that data will be used, and what data and uses they may "opt-out" of or "opt-in" to.
How is it useful?
To avoid such kind of issues sites having cookies can implement P3P Policies and publish them on site. The policy will provide information of the site accepting the kind of cookies and the data collected by the user. After the implementation when user access the site user's privacy is matched with the policy deployed on the site. A handshake is done and if the users privacy settings matches the policy hosted on the site user is allowed to login to the site. Else the site is shown as blocked. P3P is being usually employed by Ad Servers to serve Ads.
How do I implement P3P on my site?
First, you need a privacy statement for your site that surfers can read, or you can use the HTML privacy statement that is generated with the IBM P3P editor. Policies can also be created from P3PDeveloper
The P3P Editor will create four files, a policy file, written in XML, a reference file, written in XML, a compact policy and an HTML version of the privacy statement that you can use on your site as your privacy statement if you don't wish to reference your site's current privacy statement, or if your site doesn't have one. Further compact policies setting can be set on IIS on custom header tab.
Along with the policy file a legal document page will also be created with the information about the legal implications of a site. The generated policy file can then be deployed along with the legal document on the web site. User can view the policy by viewing the privacy report on IE for the page with the posted policy information.
I, myself, have used P3P in one of my recent Projects where we built a 3rd Party Ad Server (I would be willing to discuss 3rd party AdServer in one of my later posts). Have you used P3P in your web applications? Your comments are welcome.
Popular Posts (Last 30 days)
Bugzilla is the Bugs/Issues Tracking Tool from The Mozilla Organization. Version 2.18 is the latest stable release. There are couple of res...
Here is the list of Online Hindi Radio Stations. Copy the URL in your media player and enjoy !! 106.2 HUMFM - UAE ==> http://www.humfm...
JSP Model 1, Model 2 Architectures and MVC Pattern The early JSP specifications presented two approaches for building web applications usi...
Mark the location of the first character of the block of text you want to copy by pressing mx This marks the begining of the text to be copi...
Received the pic in an email :)
A Product Owner compiles all the changes planned for the product and prioritizes the possible functionalities. Sprint is A 1-6 week period...
Agile vs Waterfall vs Iterative vs Lean Software Development - In Pictures! : " Tara Whitaker has produced an excellent diagram to dep...
I am trying to install on a Linux machine (Fedora). Facing a couple of issues(I, being a Windows guy, was to face those issues :(... Anyw...
I have been assigned to prepare a checklist for my project. So, while compiling a checklist for SQLs, I suggested to use SELECT COUNT(COLUMN...