Pretty Poor Privacy: An Assessment of P3P
Source: Epic.org - Posted by Benjamin D. Thomas   
Security Projects This report examines whether P3P is an effective solution to growing public concerns about online privacy. The report surveys earlier experience with "cookie" technology and notes similarities. The report finds that . . . This report examines whether P3P is an effective solution to growing public concerns about online privacy. The report surveys earlier experience with "cookie" technology and notes similarities. The report finds that P3P fails to comply with baseline standards for privacy protection. It is a complex and confusing protocol that will make it more difficult for Internet users to protect their privacy. P3P also fails to address many of the privacy problems specifically associated with the Internet. The report further finds that earlier versions of P3P were withdrawn because the developers recognized that the proposed negotiation process was too burdensome for users and that the automatic transfer of personal information would be widely opposed. It is anticipated that this version of P3P will also be significantly overhauled once it is reviewed. The report concludes that there is little evidence to support the industry claim that P3P will improve user privacy citing the widely accepted Fair Information Practices.

The report recommends the adoption of privacy standards built on Fair Information Practices and genuine Privacy Enhancing Techniques that minimize or eliminate the collection of personally identifiable information. Simple, predictable rules for the collection and use of personal information will also support consumer trust and confidence. P3P, on the other hand, is likely to undermine public confidence in Internet privacy.

Read this full article at Epic.org

Only registered users can write comments.
Please login or register.

Powered by AkoComment!