| |
| |
| Foreword | |
| |
| |
| Preface | |
| |
| |
| |
| Privacy and P3P | |
| |
| |
| |
| Introduction to P3P | |
| |
| |
| How P3P Works | |
| |
| |
| P3P-Enabling a Web Site | |
| |
| |
| Why Web Sites Adopt P3P | |
| |
| |
| |
| The Online Privacy Landscape | |
| |
| |
| Online Privacy Concerns | |
| |
| |
| Fair Information Practice Principles | |
| |
| |
| Privacy Laws | |
| |
| |
| Privacy Seals | |
| |
| |
| Chief Privacy Officers | |
| |
| |
| Privacy-Related Organizations | |
| |
| |
| |
| Privacy Technology | |
| |
| |
| Encryption Tools | |
| |
| |
| Anonymity and Pseudonymity Tools | |
| |
| |
| Filters | |
| |
| |
| Identity-Management Tools | |
| |
| |
| Other Tools | |
| |
| |
| |
| P3P History | |
| |
| |
| The Origin of the Idea | |
| |
| |
| The Internet Privacy Working Group | |
| |
| |
| W3C Launches the P3P Project | |
| |
| |
| The Evolving P3P Specification | |
| |
| |
| The Patent Issue | |
| |
| |
| Feedback from Europe | |
| |
| |
| Finishing the Specification | |
| |
| |
| Legal Implications | |
| |
| |
| Criticism | |
| |
| |
| |
| P3P-Enabling Your Web Site | |
| |
| |
| |
| Overview and Options | |
| |
| |
| P3P-Enabled Web Site Components | |
| |
| |
| P3P Deployment Steps | |
| |
| |
| Creating a Privacy Policy | |
| |
| |
| Analyzing the Use of Cookies and Third-Party Content | |
| |
| |
| One Policy or Many? | |
| |
| |
| Generating a P3P Policy and Policy Reference File | |
| |
| |
| Helping User Agents Find Your Policy Reference File | |
| |
| |
| Combination Files | |
| |
| |
| Compact Policies | |
| |
| |
| The Safe Zone | |
| |
| |
| Testing Your Web Site | |
| |
| |
| |
| P3P Policy Syntax | |
| |
| |
| XML Syntax | |
| |
| |
| General Assertions | |
| |
| |
| Data-Specific Assertions | |
| |
| |
| The P3P Extension Mechanism | |
| |
| |
| The Policy File | |
| |
| |
| |
| Creating P3P Policies | |
| |
| |
| Gathering Information About Your Site's Data Practices | |
| |
| |
| Turning the Information You Gathered into a P3P Policy | |
| |
| |
| Writing a Compact Policy | |
| |
| |
| Avoiding Common Pitfalls | |
| |
| |
| |
| Creating and Referencing Policy Reference Files | |
| |
| |
| Creating a Policy Reference File | |
| |
| |
| Referencing a Policy Reference File | |
| |
| |
| P3P Policies in Policy Reference Files | |
| |
| |
| Changing Your P3P Policy or Policy Reference File | |
| |
| |
| Avoiding Common Pitfalls | |
| |
| |
| |
| Data Schemas | |
| |
| |
| Sets, Elements, and Structures | |
| |
| |
| Fixed and Variable Categories | |
| |
| |
| P3P Base Data Schema | |
| |
| |
| Writing a P3P Data Schema | |
| |
| |
| |
| P3P-Enabled Web Site Examples | |
| |
| |
| Simple Sites | |
| |
| |
| Third-Party Agents | |
| |
| |
| Third Parties with Their Own Policies | |
| |
| |
| Examples From Real Web Sites | |
| |
| |
| |
| P3P Software and Design | |
| |
| |
| |
| P3P Vocabulary Design Issues | |
| |
| |
| Rating Systems and Vocabularies | |
| |
| |
| P3P Vocabulary Terms | |
| |
| |
| What's Not in the P3P Vocabulary | |
| |
| |
| |
| P3P User Agents and Other Tools | |
| |
| |
| P3P User Agents | |
| |
| |
| Other Types of P3P Tools | |
| |
| |
| P3P Specification Compliance Requirements | |
| |
| |
| |
| A P3P Preference Exchange Language (APPEL) | |
| |
| |
| APPEL Goals | |
| |
| |
| APPEL Evaluator Engines | |
| |
| |
| Writing APPEL Rule Sets | |
| |
| |
| Processing APPEL Rules | |
| |
| |
| Other Privacy Preference Languages | |
| |
| |
| |
| User Interface | |
| |
| |
| Case Studies | |
| |
| |
| Privacy Preference Settings | |
| |
| |
| User Agent Behavior | |
| |
| |
| Accessibility | |
| |
| |
| Privacy | |
| |
| |
| |
| Appendixes | |
| |
| |
| |
| P3P Policy and Policy Reference File Syntax Quick Reference | |
| |
| |
| |
| Configuring Web Servers to Include P3P Headers | |
| |
| |
| |
| P3P in IE6 | |
| |
| |
| |
| How to Create a Customized Privacy Import File for IE6 | |
| |
| |
| |
| P3P Guiding Principles | |
| |
| |
| Index | |