WS-Privacy: Paul Bui, Ryan Dickey

Upload: ralph-mcdaniel

Post on 12-Jan-2016


Page 1: 1 WS-Privacy Paul Bui Ryan Dickey. 2 Agenda  WS-Privacy  Introduction to P3P  How P3P Works  P3P Details  A P3P Scenario  Conclusion  References


WS-Privacy

Paul Bui, Ryan Dickey


Agenda

WS-Privacy

Introduction to P3P

How P3P Works

P3P Details

A P3P Scenario

Conclusion

References


Introduction to WS-Privacy

Organizations create, manage and use web services

These organizations need to state their privacy policies

They also need to require that incoming requests adhere to these policies


P3P Still Under Development

The specification will describe a model for how a privacy language may be embedded into WS-Policy descriptions

WS-Security will associate privacy claims with a message

WS-Trust mechanisms can be used to evaluate these privacy claims for both user preferences and organizational practice claims


New Name!

WS-Privacy is currently implemented as the Platform for Privacy Preferences Project 1.0 Specification (P3P1.0)

This provides a model for how privacy preferences and organizational privacy practices are conveyed.


Platform for Privacy Preferences Project

Also known as P3P

A simple, automated way for users to gain more control over the use of their personal information on websites

Basically a set of multiple-choice questions covering all major aspects of a website’s privacy policies


How P3P Works

P3P-enabled websites state their privacy policies in a standard, machine-readable format (XML)

P3P-enabled browsers can "read" this snapshot automatically and compare it to the consumer's own set of privacy preferences


Making Your Website P3P Compliant


An HTTP Transaction With P3P Added


A P3P Scenario

[Figure: P3P Policy; homepage, catalog, checkout]


P3P Policy Elements

<ENTITY> gives a precise description of the legal entity making the representation of the privacy practices.

<ACCESS> indicates whether the site provides access to various kinds of information.


P3P Policy Elements cont’d

<DISPUTES> describes dispute resolution procedures that may be followed for disputes about a service's privacy practices, or in case of protocol violation.

Each <DISPUTES> element SHOULD contain a <REMEDIES> element that specifies the possible remedies in case a policy breach occurs.


P3P Policy Elements (cont’d)

<STATEMENT> is a container that groups together a <PURPOSE>, a <RECIPIENT>, a <RETENTION>, a <DATA-GROUP>, and optionally a <CONSEQUENCE>

A statement concerns the data practices as applied to data elements (e.g., data collection)


P3P Policy Elements cont’d

A <STATEMENT> may contain <NON-IDENTIFIABLE>, signifying that there is no data collected under this <STATEMENT>, or that all of the data referenced by that <STATEMENT> will be anonymized upon collection

<CONSEQUENCE> explains why the suggested practice may be valuable in a particular instance


P3P Policy Elements cont’d

A <PURPOSE> must contain one or more purposes for data collection

E.g.

<current/> to complete the current activity (e.g. web search results)

<admin/> to administer the site

<historical/> historical preservation

<telemarketing/> used to contact the individual about promotions, etc.


P3P Policy Elements cont’d

<RECIPIENT> is the legal entity, or domain, beyond the service provider and its agents where data may be distributed

<RETENTION> is the type of retention policy of the data

<no-retention/>

<indefinitely/>


P3P Policy Elements cont’d

<CATEGORIES> are elements inside data elements that provide hints to users and user agents as to the intended uses of the data.

<physical/> physical contact info

<online/> online contact info

<purchase/> method of payment

<demographic/> gender, age, income, etc.

<health/> to aid purchasing of healthcare products etc.
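
As an added illustration (not part of the original slides), the following Python example parses a constructed P3P policy built from the elements described on the preceding slides and compares each <STATEMENT> with a user's preferences, as a P3P-enabled browser would. The sample policy, the preference set and the function names are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

NS = "{http://www.w3.org/2002/01/P3Pv1}"  # P3P 1.0 namespace

# Constructed sample policy for a hypothetical shop (not from the slides).
SAMPLE_POLICY = """<POLICY xmlns="http://www.w3.org/2002/01/P3Pv1" name="checkout">
  <STATEMENT>
    <PURPOSE><current/><admin/></PURPOSE>
    <RECIPIENT><ours/></RECIPIENT><RETENTION><stated-purpose/></RETENTION>
    <DATA-GROUP><DATA ref="#user.home-info.postal">
      <CATEGORIES><physical/></CATEGORIES></DATA></DATA-GROUP>
  </STATEMENT>
  <STATEMENT>
    <PURPOSE><telemarketing/></PURPOSE>
    <RECIPIENT><ours/></RECIPIENT><RETENTION><indefinitely/></RETENTION>
    <DATA-GROUP><DATA ref="#user.home-info.telecom.telephone">
      <CATEGORIES><physical/></CATEGORIES></DATA></DATA-GROUP>
  </STATEMENT>
</POLICY>"""

# Hypothetical user preferences: values the user refuses, per element.
PREFS = {"PURPOSE": {"telemarketing"}, "RETENTION": {"indefinitely"},
         "RECIPIENT": {"unrelated", "public"}}

def children(parent, tag):
    """Local names of the choice elements under parent/tag."""
    node = parent.find(NS + tag)
    return [] if node is None else [c.tag.replace(NS, "") for c in node]

def parse_statements(policy_xml):
    # Policies come from the remote site: refuse DTDs (entity-expansion risk).
    if "<!DOCTYPE" in policy_xml.upper():
        raise ValueError("DTD not allowed in policy")
    out = []
    for st in ET.fromstring(policy_xml).iter(NS + "STATEMENT"):
        entry = {t: children(st, t) for t in ("PURPOSE", "RECIPIENT", "RETENTION")}
        entry["DATA"] = [d.get("ref") for d in st.iter(NS + "DATA")]
        entry["NON-IDENTIFIABLE"] = st.find(NS + "NON-IDENTIFIABLE") is not None
        out.append(entry)
    return out

def conflicts(policy_xml, prefs):
    """(statement index, element, value) for each practice the user refuses."""
    found = []
    for i, st in enumerate(parse_statements(policy_xml)):
        if st["NON-IDENTIFIABLE"]:
            continue  # nothing identifiable is collected under this statement
        for elem, refused in prefs.items():
            found += [(i, elem, v) for v in st[elem] if v in refused]
    return found
```

A user agent would call `conflicts(SAMPLE_POLICY, PREFS)` and warn the user (or block cookies) when the result is non-empty.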


P3P Example

http://www.w3.org/TR/P3P/#Example_policy

A step-by-step example of implementing P3P


P3P-Enabled Examples

Yahoo!

About

Angelfire

Dell

Netscape 7

IE 6 (cookie element only)


Demo 1

Show the P3P documents in action at a live site


Demo 2

Show the P3P policies in action at a live site

Demonstrate a policy of requiring cookies to be enabled (e.g., PayPal) running against a browser with cookie settings turned on and off


P3P Adoption

Ernst & Young report (Jan. 2004) on P3P adoption rates:

23% of the Top 500 web domains

31% of the Top 100 web domains

50% of the top health domains

64% of the top ___ domains


P3P Caveats

P3P does not enforce adherence to privacy policies

P3P cannot monitor whether sites adhere to their own stated practices

Thus users do not know whether their policy preferences are actually being enforced


Conclusion

P3P is a system for making Web site privacy policies machine-readable

P3P enhances user control by putting privacy policies where users can find them, in a form users can understand, and enables users to act on what they see. (e.g., a popup)


Primary References

http://www.w3.org/P3P/ (the comprehensive page for P3P)

http://www.w3.org/TR/P3P/ (the current P3P technical specification)


Secondary References

http://www.serviceoriented.org/ws-privacy.html (a summary of WS-Privacy)

http://wdvl.internet.com/Internet/Security/P3P/ (a sample P3P page)

http://www.ey.com/global/download.nsf/US/P3P_Dashboard_-_January_2004/$file/E&YTop500P3PDashboard.pdf (statistical information)


Tools

tool1 tool2 tool3