| |
| |
Foreword | |
| |
| |
Preface | |
| |
| |
| |
Privacy and P3P | |
| |
| |
| |
Introduction to P3P | |
| |
| |
How P3P Works | |
| |
| |
P3P-Enabling a Web Site | |
| |
| |
Why Web Sites Adopt P3P | |
| |
| |
| |
The Online Privacy Landscape | |
| |
| |
Online Privacy Concerns | |
| |
| |
Fair Information Practice Principles | |
| |
| |
Privacy Laws | |
| |
| |
Privacy Seals | |
| |
| |
Chief Privacy Officers | |
| |
| |
Privacy-Related Organizations | |
| |
| |
| |
Privacy Technology | |
| |
| |
Encryption Tools | |
| |
| |
Anonymity and Pseudonymity Tools | |
| |
| |
Filters | |
| |
| |
Identity-Management Tools | |
| |
| |
Other Tools | |
| |
| |
| |
P3P History | |
| |
| |
The Origin of the Idea | |
| |
| |
The Internet Privacy Working Group | |
| |
| |
W3C Launches the P3P Project | |
| |
| |
The Evolving P3P Specification | |
| |
| |
The Patent Issue | |
| |
| |
Feedback from Europe | |
| |
| |
Finishing the Specification | |
| |
| |
Legal Implications | |
| |
| |
Criticism | |
| |
| |
| |
P3P-Enabling Your Web Site | |
| |
| |
| |
Overview and Options | |
| |
| |
P3P-Enabled Web Site Components | |
| |
| |
P3P Deployment Steps | |
| |
| |
Creating a Privacy Policy | |
| |
| |
Analyzing the Use of Cookies and Third-Party Content | |
| |
| |
One Policy or Many? | |
| |
| |
Generating a P3P Policy and Policy Reference File | |
| |
| |
Helping User Agents Find Your Policy Reference File | |
| |
| |
Combination Files | |
| |
| |
Compact Policies | |
| |
| |
The Safe Zone | |
| |
| |
Testing Your Web Site | |
| |
| |
| |
P3P Policy Syntax | |
| |
| |
XML Syntax | |
| |
| |
General Assertions | |
| |
| |
Data-Specific Assertions | |
| |
| |
The P3P Extension Mechanism | |
| |
| |
The Policy File | |
| |
| |
| |
Creating P3P Policies | |
| |
| |
Gathering Information About Your Site's Data Practices | |
| |
| |
Turning the Information You Gathered into a P3P Policy | |
| |
| |
Writing a Compact Policy | |
| |
| |
Avoiding Common Pitfalls | |
| |
| |
| |
Creating and Referencing Policy Reference Files | |
| |
| |
Creating a Policy Reference File | |
| |
| |
Referencing a Policy Reference File | |
| |
| |
P3P Policies in Policy Reference Files | |
| |
| |
Changing Your P3P Policy or Policy Reference File | |
| |
| |
Avoiding Common Pitfalls | |
| |
| |
| |
Data Schemas | |
| |
| |
Sets, Elements, and Structures | |
| |
| |
Fixed and Variable Categories | |
| |
| |
P3P Base Data Schema | |
| |
| |
Writing a P3P Data Schema | |
| |
| |
| |
P3P-Enabled Web Site Examples | |
| |
| |
Simple Sites | |
| |
| |
Third-Party Agents | |
| |
| |
Third Parties with Their Own Policies | |
| |
| |
Examples From Real Web Sites | |
| |
| |
| |
P3P Software and Design | |
| |
| |
| |
P3P Vocabulary Design Issues | |
| |
| |
Rating Systems and Vocabularies | |
| |
| |
P3P Vocabulary Terms | |
| |
| |
What's Not in the P3P Vocabulary | |
| |
| |
| |
P3P User Agents and Other Tools | |
| |
| |
P3P User Agents | |
| |
| |
Other Types of P3P Tools | |
| |
| |
P3P Specification Compliance Requirements | |
| |
| |
| |
A P3P Preference Exchange Language (APPEL) | |
| |
| |
APPEL Goals | |
| |
| |
APPEL Evaluator Engines | |
| |
| |
Writing APPEL Rule Sets | |
| |
| |
Processing APPEL Rules | |
| |
| |
Other Privacy Preference Languages | |
| |
| |
| |
User Interface | |
| |
| |
Case Studies | |
| |
| |
Privacy Preference Settings | |
| |
| |
User Agent Behavior | |
| |
| |
Accessibility | |
| |
| |
Privacy | |
| |
| |
| |
Appendixes | |
| |
| |
| |
P3P Policy and Policy Reference File Syntax Quick Reference | |
| |
| |
| |
Configuring Web Servers to Include P3P Headers | |
| |
| |
| |
P3P in IE6 | |
| |
| |
| |
How to Create a Customized Privacy Import File for IE6 | |
| |
| |
| |
P3P Guiding Principles | |
| |
| |
Index | |