Platform for Privacy Preferences Project

technology

P3P profiles are available on web servers in the form of an XML file, usually under the standardized path /w3c/p3p.xml and can also be transmitted as a so-called "Compact Policy" in short form as an HTTP header, with the P3P file / headers may contain the following information:

• What types of data are collected when you visit the website?
• For what purpose is this data collected (example: navigation, personalization, marketing)?
• How long will this data be stored?
• Who has access to the data and which rules does data processing obey (example: voluntary commitment or law)?

The internet surfer can use P3P free of charge. All you need is a P3P agent, which is available online free of charge. For the user, however, P3P-compatible browsers are inherently more comfortable. P3P is integrated in Microsoft Internet Explorer as well as in several small browsers.

If the surfer has a P3P agent, he can determine how his data should be handled on the Internet. The data protection concept, for example regarding the handling of cookies , is automatically translated into P3P format by the personal settings in the P3P agent. Before visiting a website, the surfer's information is compared with that of the website provider.

In the German-speaking area, the Independent State Center for Data Protection Schleswig-Holstein supported the P3P standard in a project funded by the Ministry of Economics, Labor and Transport of the State of Schleswig-Holstein.

criticism

Like any form of self-control (compare e.g. ICRA ), P3P depends on the operator of the web server providing truthful and complete information on the scope of the data processing. The P3P agent, and therefore the end user, cannot check the information from the web server and must rely on it. However, many sides do not implement P3P or implement it incompletely. So has z. B. Google bypassed the protocol by sending an invalid P3P header.

See also

• Self data protection
• anonymity

Web links

• P3P1.1 Specification (English)
• Overview of the P3P project at the Independent State Center for Data Protection Schleswig-Holstein
• Structure of a P3P data protection declaration

Individual evidence

1. ↑ ^{a b} The Platform for Privacy Preferences 1.0 (P3P1.0) Specification W3C , Retrieved March 21, 2013
2. ^ A Loophole Big Enough for a Cookie to Fit Through Bits Blog, New York Times , Retrieved March 21, 2013
3. ↑ ^{a b} P3P 1.0 Implementations W3C , Accessed March 21, 2013
4. ↑ Safer Surfer ( Memento from March 5, 2016 in the Internet Archive ) Independent State Center for Data Protection Schleswig-Holstein , accessed on March 21, 2013
5. ↑ 25th Activity Report (2003) - Model projects for the further development of data protection. Independent State Center for Data Protection Schleswig Holstein, 2003, accessed on January 10, 2019 . 
6. ↑ Google Bypassing User Privacy Settings Microsoft IEBlog, Accessed March 21, 2013

V - D

World Wide Web Consortium standards

World Wide Web Consortium (W3C)

recommendations	ActivityPub • ARIA • Canonical XML • CDF • CSS • DOM • Geolocation API • HTML • HTML5 • InkML • ITS • JSON-LD • MathML • OWL • P3P • PLS • PNG • RDF • RDF schema • RIF • SCXML • SISR • SKOS • SMIL • SOAP • SRGS • SSML • SVG • SPARQL • Timed Text • Turtle • VoiceXML • WSDL • XForms • XHTML • XHTML + RDFa • XInclude • XLink • XML • XML Base • XML Encryption • XML Events • XML Information Set • XML Namespace • XML Schema • XML Signature • XPath • XPointer • XProc • XQuery • XSL • XSL-FO • XSLT ( elements )
Working drafts and candidates	CCXML • CURIE • SMIL Timesheets • sXBL • WICD • XFrames • XBL • XHTML + MathML + SVG • XMLHttpRequest
Remarks	XAdES • XFDL • XHTML + SMIL • XUP
Guidelines	Web Content Accessibility Guidelines • Multimodal Interaction Activity • Markup Validation Service
Initiatives	Web Accessibility Initiative