the platform for privacy preferences p3 p
play

The Platform for Privacy Preferences ( P3 P) December 2000 Update - PowerPoint PPT Presentation

Jan 08, 2023 •348 likes •914 views

The Platform for Privacy Preferences ( P3 P) December 2000 Update A user empowerment approach Marc Langheinrich ETH Zurich APPEL Subgroup Chair P3P Working Group Outline P3P December 2000 Update Platform for Privacy Preferences ! What

  1. The Platform for Privacy Preferences ( P3 P) December 2000 Update A user empowerment approach Marc Langheinrich ETH Zurich APPEL Subgroup Chair P3P Working Group

  2. Outline P3P December 2000 Update Platform for Privacy Preferences ! What is P3P? – A user empowerment tool – P3P1.0 a first step – not a full solution ! What does P3P provide? – Machine-readable privacy policies – Referencing & Exchanging policies – Exchanging Privacy Preferences (APPEL) ! FAQ’ s, Wrap-Up 2

  3. User Em pow erm ent P3P December 2000 Update Develop tools that allow people to control the use and dissemination of their personal information I . W hat is P3 P? 3

  4. Em pow erm ent Tools P3P December 2000 Update ! Prevent your actions from being linked to you – Crowds (AT&T Labs), Anonymizer, Freedom (zks.net) ! Allow you to develop persistent relationships not linked to each ot her or you – Lucent Personal Web Assistant (Bell Labs) ! Make informed choices about how your information will be used I . W hat is P3 P? – Platform for Privacy Preferences Proj ect – P3P (W3C) ! Know that assurances about information practices are trust worthy – TRUS Te, BBBOnline 4

  5. P3 P 1 .0 P3P December 2000 Update ! W3C Activity S tarted S ummer 1997 ! Goals – Web sites offer machine readable policies – Browsers automatically compare policies and user preferences – Web site & browser negotiate „ best deal“ I . W hat is P3 P? ! P3P 1.0 – No negotiation, no choice of policies – Goal: Ease of deployment 5

  6. December 2000 Update P3 P Overview

  7. P3 P1 .0 Provides P3P December 2000 Update ! Machine-readable privacy policies I I . W hat does P3 P provide? – A standard schema for data collected – A vocabulary to express purpose, recipients, etc. – An XML format for machine-readability ! Referencing & Exchanging policies – Reference Files associate P3P policies with Web content (e.g., pages, sites) – A protocol for transporting P3P policies over HTTP 7

  8. Brow sing w ithout P3 P P3P December 2000 Update Web I I . P3 P – Exchanging Policies Server GET /x.html HTTP/1.1 GET /x.html HTTP/1.1 . . . Request web page . . . Request web page HTTP/1.1 200 OK HTTP/1.1 200 OK Content-Type: text/html Content-Type: text/html . . . Send web page . . . Send web page 8

  9. Brow sing w ith P3 P1 .0 P3P December 2000 Update Web I I . P3 P – Exchanging Policies GET /x.html HTTP/1.1 GET /x.html HTTP/1.1 Server . . . Request web page . . . Request web page HTTP/1.1 200 OK HTTP/1.1 200 OK P3P: policyref=“http://foo.com/p3p/ref.xml P3P: policyref=“http://foo.com/p3p/ref.xml Content-Type: text/html Content-Type: text/html . . . Send web page . . . Send web page Request Policy Reference File Request Policy Reference File Send Policy Reference File Send Policy Reference File Request P3P Policy Request P3P Policy Send P3P Policy Send P3P Policy 9

  10. The Policy Reference File P3P December 2000 Update I I . P3 P – Referencing Policies /w3c/p3p/ref.xml /index.html /orders/*.html /w3c/p3p/policy1.xml /catalog/* /orders/cgi-bin/* /w3c/p3p/policy2.xml Set-Cookie: session-id=... /w3c/p3p/policy3.xml /catalog/kids/* 10

  11. Reference File Syntax P3P December 2000 Update <META xmlns="http://www.w3.org/2000/11/23/P3Pv1" I I . P3 P – Referencing Policies <POLICY-REFERENCES> <POLICY-REF web:about="/w3c/p3p/ policy1.xml "> < INCLUDE >/index.html</INCLUDE> <INCLUDE>/orders/*.html</INCLUDE> <INCLUDE>/catalog/*</INCLUDE> < EXCLUDE >/catalog/kids/*</EXCLUDE> </POLICY-REF> <POLICY-REF web:about=“w3c/p3p/ policy2.xml "> <INCLUDE>/orders/cgi-bin/*</INCLUDE> <COOKIES-INCLUDE>session-id .examples.org /</COOKIES-INCLUDE> </POLICY-REF> <POLICY-REF web:about=“w3c/p3p/ policy3.xml "> < INCLUDE >/catalog/kids/*</INCLUDE> </POLICY-REF> </POLICY-REFERENCES> </META> 11

  12. Reference File Syntax P3P December 2000 Update <META xmlns="http://www.w3.org/2000/11/23/P3Pv1" I I . P3 P – Referencing Policies <POLICY-REFERENCES> <POLICY-REF web:about="/w3c/p3p/ policy1.xml "> <POLICY-REF web:about="/w3c/p3p/ policy1.xml "> < INCLUDE >/index.html</INCLUDE> < INCLUDE >/index.html</INCLUDE> <INCLUDE>/orders/*.html</INCLUDE> <INCLUDE>/orders/*.html</INCLUDE> <INCLUDE>/catalog/*</INCLUDE> <INCLUDE>/catalog/*</INCLUDE> < EXCLUDE >/catalog/kids/*</EXCLUDE> < EXCLUDE >/catalog/kids/*</EXCLUDE> </POLICY-REF> </POLICY-REF> <POLICY-REF web:about=“w3c/p3p/ policy2.xml "> <INCLUDE>/orders/cgi-bin/*</INCLUDE> <COOKIES-INCLUDE>session-id .examples.org /</COOKIES-INCLUDE> </POLICY-REF> <POLICY-REF web:about=“w3c/p3p/ policy3.xml "> < INCLUDE >/catalog/kids/*</INCLUDE> </POLICY-REF> </POLICY-REFERENCES> </META> 11

  13. Reference File Syntax P3P December 2000 Update <META xmlns="http://www.w3.org/2000/11/23/P3Pv1" I I . P3 P – Referencing Policies <POLICY-REFERENCES> <POLICY-REF web:about="/w3c/p3p/ policy1.xml "> < INCLUDE >/index.html</INCLUDE> <INCLUDE>/orders/*.html</INCLUDE> <INCLUDE>/catalog/*</INCLUDE> < EXCLUDE >/catalog/kids/*</EXCLUDE> </POLICY-REF> <POLICY-REF web:about=“w3c/p3p/ policy2.xml "> <POLICY-REF web:about=“w3c/p3p/ policy2.xml "> <INCLUDE>/orders/cgi-bin/*</INCLUDE> <INCLUDE>/orders/cgi-bin/*</INCLUDE> <COOKIES-INCLUDE>session-id .examples.org /</COOKIES-INCLUDE> <COOKIES-INCLUDE>session-id .examples.org /</COOKIES-INCLUDE> </POLICY-REF> </POLICY-REF> <POLICY-REF web:about=“w3c/p3p/ policy3.xml "> < INCLUDE >/catalog/kids/*</INCLUDE> </POLICY-REF> </POLICY-REFERENCES> </META> 11

  14. Reference File Syntax P3P December 2000 Update <META xmlns="http://www.w3.org/2000/11/23/P3Pv1" I I . P3 P – Referencing Policies <POLICY-REFERENCES> <POLICY-REF web:about="/w3c/p3p/ policy1.xml "> < INCLUDE >/index.html</INCLUDE> <INCLUDE>/orders/*.html</INCLUDE> <INCLUDE>/catalog/*</INCLUDE> < EXCLUDE >/catalog/kids/*</EXCLUDE> </POLICY-REF> <POLICY-REF web:about=“w3c/p3p/ policy2.xml "> <INCLUDE>/orders/cgi-bin/*</INCLUDE> <COOKIES-INCLUDE>session-id .examples.org /</COOKIES-INCLUDE> </POLICY-REF> <POLICY-REF web:about=“w3c/p3p/ policy3.xml "> <POLICY-REF web:about=“w3c/p3p/ policy3.xml "> < INCLUDE >/catalog/kids/*</INCLUDE> < INCLUDE >/catalog/kids/*</INCLUDE> </POLICY-REF> </POLICY-REF> </POLICY-REFERENCES> </META> 11

  15. P3 P Policies P3P December 2000 Update ! Machine-readable (XML) version of web site I I . P3 P – Expressing Policies privacy policies – Use P3P Vocabulary t o express data practices – Use P3P Base Data S et to express type of data collected ! Captures common elements of privacy policies but may not express everything – sites may provide further explanation in human- readable policies 12

  16. The P3 P Vocabulary P3P December 2000 Update ! Who is collecting data? ! What data is collected? I I . P3 P – Expressing Policies ! Does the data collector ! For what purpose will provide access to my data be used? data? ! Who are the data ! What assurance is recipients (anyone there that this policy beyond t he data will be followed? collector)? ! Where is the human- ! Hong long will data be readable privacy retained ? policy? 13

  17. P3 P Base Data Schem a P3P December 2000 Update ! A set of common data elements all P3P I I . P3 P – Expressing Policies implementations should know about ! Includes “ User.” elements such as – name – Address – phone number, etc. ! Includes “ Dynamic.” elements such as – indicators that a site collects click-stream – uses cookies – collects info of a cert ain category, etc. 14

  18. Exam ple Privacy Policy P3P December 2000 Update TheCoolCatalogExample, Inc., of 123 Main S treet, S eattle, WA 98103 US A, makes the following statement for the Web page at I I . P3 P – Expressing Policies http:/ / www.TheCoolCatalog.example.com/ catalog/ . We have a privacy seal from PrivacyS ealExample, which provides assurance that we abide by our policy. We do provide access capabilities to any identifiable information we may have from you. We use cookies and collect your gender , information about your clothing preferences , and ( optionally ) your home address to customize our entry catalog pages and for our own research and product development . We retain this information indefinitely. We also maintain server logs that include information about visits to the http:/ / www.CoolCatalog.example.com/ catalog/ page, and the types of browsers our visitors use. We use this information in order to administrate and improve our web site. We retain this information indefinitely. 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Platform for Privacy Platform for Privacy Preferences (P3P) Project Preferences (P3P) Project

Platform for Privacy Platform for Privacy Preferences (P3P) Project Preferences (P3P) Project

Platform for Privacy Platform for Privacy Preferences (P3P) Project Preferences (P3P) Project Week 5/6 - February 10, 12, 17 1 Privacy Policy, Law and Technology Carnegie Mellon University Spring 2004 Lorrie Cranor

770 views • 38 slides
The Platform for Privacy Preferences (P3P) February 2000 Update A user empowerment approach

The Platform for Privacy Preferences (P3P) February 2000 Update A user empowerment approach

The Platform for Privacy Preferences (P3P) February 2000 Update A user empowerment approach Marc Langheinrich ETH Zurich P3P Preference Group Chair Outline P3P February 2000 Update Platform for Privacy Preferences Policy Background

761 views • 37 slides
Automatic Privacy Policy Clustering ... applicable privacy preferences settings to formalise the

Automatic Privacy Policy Clustering ... applicable privacy preferences settings to formalise the

Automatic Privacy Policy Clustering ... applicable privacy preferences settings to formalise the data disclosure decisions and for visualization IFIP Summer School on Identity Management Karlstad, Sweden August, 6 th -10 th 2007

338 views • 15 slides
Privacy Preferences for E-Mail Messages Ulrich Knig Independent Centre for Privacy Protection

Privacy Preferences for E-Mail Messages Ulrich Knig Independent Centre for Privacy Protection

Introduction Syntax Semantics Example Outlook Privacy Preferences for E-Mail Messages Ulrich Knig Independent Centre for Privacy Protection Schleswig-Holstein 26th of July 2010 www.ietf.org/id/draft-koenig-privicons-00.txt Ulrich

225 views • 10 slides
Privacy Expectations and Preferences in an IoT World Pardis Emami-Naeini, Sruti Bhagavatula,

Privacy Expectations and Preferences in an IoT World Pardis Emami-Naeini, Sruti Bhagavatula,

Privacy Expectations and Preferences in an IoT World Pardis Emami-Naeini, Sruti Bhagavatula, Martin Degeling, Hana Habib, Lujo Bauer, Lorrie Faith Cranor, Norman Sadeh PERSONALIZED PRIVACY ASSISTANT PROJECT 1 PERSONALIZED PRIVACY ASSISTANT

582 views • 22 slides
How much will the platform learn about consumers in the end? \begin{theorem} In the long run,

How much will the platform learn about consumers in the end? \begin{theorem} In the long run,

Dynamic Privacy Choices (Shota Ichihashi, Bank of Canada) In each period Activity produces Consumer data on persistent type uses platform Platform monetizes info Privacy cost (e.g., data leakage) How much will the

412 views • 4 slides
Supporting User Privacy Preferences on Information Release in Open Scenarios Claudio A. Ardagna 1

Supporting User Privacy Preferences on Information Release in Open Scenarios Claudio A. Ardagna 1

Supporting User Privacy Preferences on Information Release in Open Scenarios Claudio A. Ardagna 1 Sabrina De Capitani di Vimercati 1 Sara Foresti 1 Stefano Paraboschi 2 Pierangela Samarati 1 (1) DTI - Universit degli Studi di Milano (2) DIIMM -

195 views • 18 slides
Data Privacy for IEEE Volunteer Data Managers 2 Overview Changes in Data Privacy IEEE

Data Privacy for IEEE Volunteer Data Managers 2 Overview Changes in Data Privacy IEEE

Data Privacy for IEEE Volunteer Data Managers 2 Overview Changes in Data Privacy IEEE Privacy Policy Terms &amp; Conditions and Subscriptions Consent Structure and Preferences Meetings, Conferences, and Events

926 views • 36 slides
CO 445H MOBILE PLATFORM SECURITY AND MOBILE PRIVACY Dr. Benjamin Livshits Privacy International

CO 445H MOBILE PLATFORM SECURITY AND MOBILE PRIVACY Dr. Benjamin Livshits Privacy International

CO 445H MOBILE PLATFORM SECURITY AND MOBILE PRIVACY Dr. Benjamin Livshits Privacy International Data Tracking 2 http://privacyinternational.org/feature/2433/i-asked-online-tracking-company-all-my-data-and-heres-what-i-found Two Main Attack

986 views • 63 slides
Moral Preferences F R A N C E S C A R O S S I Decision making Based on our preferences

Moral Preferences F R A N C E S C A R O S S I Decision making Based on our preferences

Moral Preferences F R A N C E S C A R O S S I Decision making Based on our preferences over the options Social context: aggregation of the individuals preferences Voting rules: from collection of preference orderings to a

485 views • 19 slides
New Generation TV platform API and Privacy Protection - Study from Broadcasting Extended

New Generation TV platform API and Privacy Protection - Study from Broadcasting Extended

New Generation TV platform API and Privacy Protection - Study from Broadcasting Extended Functionalities API in BML - September 2, 2010 Shuhei Habu Allied Resources Communications, Inc. Tokyo, Japan Background Users way of watching

1.54k views • 39 slides
Deploying Secure Computing for Real-world Applications Dan Bogdanov, PhD Head of Privacy

Deploying Secure Computing for Real-world Applications Dan Bogdanov, PhD Head of Privacy

Deploying Secure Computing for Real-world Applications Dan Bogdanov, PhD Head of Privacy Technology Development Cybernetica dan@cyber.ee The Sharemind Privacy-preserving Computing Platform Components for Privacy Encrypted Privacy

714 views • 28 slides
Privacy Accounting and Quality Control in the Sage Di ff erentially Private ML Platform Mathias

Privacy Accounting and Quality Control in the Sage Di ff erentially Private ML Platform Mathias

Privacy Accounting and Quality Control in the Sage Di ff erentially Private ML Platform Mathias Lcuyer With: Riley Spahn, Kiran Vodrahalli, Roxana Geambasu, and Daniel Hsu Machine Learning (ML) introduces a dangerous double standard for data

603 views • 45 slides
Admin Today: finish web privacy, start mobile security Friday: Lab #2 due (8pm)

Admin Today: finish web privacy, start mobile security Friday: Lab #2 due (8pm)

CSE 484 / CSE M 584: Computer Security and Privacy Web Privacy [finish] Mobile Platform Security [start] Spring 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner,

535 views • 29 slides
$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

Presentation Slides $ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

318 views • 13 slides
USER PREFERENCES IN RECOMMENDATION ALGORITHMS The Influence Of User Diversity, Trust, And Product

USER PREFERENCES IN RECOMMENDATION ALGORITHMS The Influence Of User Diversity, Trust, And Product

USER PREFERENCES IN RECOMMENDATION ALGORITHMS The Influence Of User Diversity, Trust, And Product Category On Privacy Perceptions In Recommender Algorithms Laura Burbach Johannes Nakayama, Nils Plettenberg, Martina Ziefle &amp; Andr Calero

579 views • 29 slides
Large-Scale Data Engineering Data warehousing with MapReduce event.cwi.nl/lsde2015 Todays

Large-Scale Data Engineering Data warehousing with MapReduce event.cwi.nl/lsde2015 Todays

Large-Scale Data Engineering Data warehousing with MapReduce event.cwi.nl/lsde2015 Todays agenda How we got here: the historical perspective MapReduce algorithms for processing relational data Evolving roles of relational databases

816 views • 54 slides
Flow Networks A new perspective of complex systems Contents 1 Flow Networks 2 Common Patterns

Flow Networks A new perspective of complex systems Contents 1 Flow Networks 2 Common Patterns

LOGO School of Systems Beijing Normal University Jiang Zhang @ Ali forum of complexity science 2014 Flow Networks A new perspective of complex systems Contents 1 Flow Networks 2 Common Patterns 3 Constructal Law? School of Systems

420 views • 25 slides
R ecently, we ran a marketing work- To our surprise, the participants were shop with an

R ecently, we ran a marketing work- To our surprise, the participants were shop with an

DEEP insight This document is an authorized copy for personal use of Mr. Skiera, 25/03/2017 MARKETING IN A DIGITAL AGE Using Big Search Data to Map Your Market By BERND SKIERA and DANIEL M. RINGEL R ecently, we ran a marketing work- To our

563 views • 7 slides
Estimating Dominance Norms of Multiple Data Streams Graham Cormode graham@dimacs.rutgers.edu

Estimating Dominance Norms of Multiple Data Streams Graham Cormode graham@dimacs.rutgers.edu

Estimating Dominance Norms of Multiple Data Streams Graham Cormode graham@dimacs.rutgers.edu Joint work with S. Muthukrishnan Data Stream Phenomenon Data is being produced faster than our ability to process it Leads to the data

613 views • 25 slides
Airavat: Security and Privacy for MapReduce Indrajit Roy, Srinath T.V. Setty, Ann Kilzer, Vitaly

Airavat: Security and Privacy for MapReduce Indrajit Roy, Srinath T.V. Setty, Ann Kilzer, Vitaly

Airavat: Security and Privacy for MapReduce Indrajit Roy, Srinath T.V. Setty, Ann Kilzer, Vitaly Shmatikov, Emmett Witchel The University of Texas at Austin Computing in the year 201X 2 Illusion of infinite resources Data Pay only for

792 views • 51 slides
Recommending Crowdsourced Trips on wOndary Linus W. Dietz and Achim Weimert Technical

Recommending Crowdsourced Trips on wOndary Linus W. Dietz and Achim Weimert Technical

Recommending Crowdsourced Trips on wOndary Linus W. Dietz and Achim Weimert Technical University of Munich, Germany wOndary, London, UK RecTour Workshop, Vancouver, Canada October 7, 2018 A Platform for Travel Planning

201 views • 8 slides
Elastic and Secure Energy Forecasting in Cloud Environments Andr Martin * , Andrey Brito # and

Elastic and Secure Energy Forecasting in Cloud Environments Andr Martin * , Andrey Brito # and

Elastic and Secure Energy Forecasting in Cloud Environments Andr Martin * , Andrey Brito # and Christof Fetzer * andre.martin@tu-dresden.de, andrey@dsc.ufcg.edu.br, christof.fetzer@tu-dresden.de * SE Group - Technische Universitt Dresden -

561 views • 11 slides
Price Optimization in Fashion E-Commerce AI for fashion supply chain The fifth international

Price Optimization in Fashion E-Commerce AI for fashion supply chain The fifth international

Price Optimization in Fashion E-Commerce AI for fashion supply chain The fifth international workshop on fashion and KDD 23 August 2020, San Diego, California - USA Sajan Kedia, Samyak Jain, Abhishek Sharma Problem Statement - Biggest

839 views • 16 slides

More recommend