FTC: Consumer Privacy Comments Concerning The W3C World Wide Web Consortium--P954807

W3C WORLD WIDE WEB
Consortium

Secretary, Federal Trade Commission, Room H-159,
Sixth Street & Pennsylvania Ave., N.W.,
Washington, D.C., 20580.

Consumer Privacy 1997 -- Request to Participate, P954807

Dear Sir or Madam:

You will find 6 copies of the slides presented before the FTC on June 11, 1997 by Tim Berners-Lee, Director of the W3C. Also included are six copies of a "script" or narrative that describes the demonstration of the P3 prototype by Mr. Berners-Lee.

Joseph M. Reagle Jr.

Policy Analyst
W3C/LCS/MIT

Work: + 1.617.258.7621
Fax: + 1.617.258.5999 (W3C)
E-Mail: reagle@w3.org


MIT LCS 545 Technology Square, Cambridge, MA 02139 USA TEL: + 1.617.258.2613 Fax: + 1.617.258.5999 http://www.w3.org/



P3 - Platform for Privacy Preferences

Architecture for a Global Medium

Tim Berners-Lee

Director
World Wide Web Consortium (W3C)

a global and neutral forum for Web technology development.

__________________

Special Assistance from AT&T, CDT, The DMA, IBM, Microsoft, and The Princeton Review.

P3 Goals

  • Personal choice and informed consent
  • Commitment from publisher about use of data
  • Technology to negotiate these two
  • Provides hooks to "enforcement" mechanisms, which promotes confidence:

1. technical - technology adheres to preferences and protects privacy

2. market - trusted third parties and auditors provide "trust" or auditing services

3. regulatory - fraudulent privacy assertions are prosecuted

Relation to IPWG

1. W3C defines technology for global use

2. IPWG develops vocabulary for privacy

3. IPWG builds community consensus on combined approach

4. W3C and IPWG marshal member resources for technical development

Based on existing Web architecture

1. Meta-data (PICS)

2. Negotiation (PEP)

3. Usable in many "media," including HTML, HTTP, cookies, push technology, etc.

P3 Prototype Presentation

[see the following Script of the Prototype Presentation]

An Architectural Approach

  • No central repositories for privacy vocabularies or recommended settings
  • A common international vocabulary helps
  • Technology alone cannot address what happens if a site doesn't use P3 descriptions
  • W3C works to evolve the technology in response to policy and market demands.

FTC Comment: Script of W3C P3 Prototype

_________________

0 Platform for Privacy Preferences

The W3C's Platform for Privacy Preferences, often referred to as P3, addresses some of the key technical aspects of Web privacy concerns. P3 will allow sites to easily describe their privacy practices and allow users to set preferences about the release and use of their data. We call the description of privacy practices or preferences a "privacy assertion" or "privacy policy." Between the site's practices and the user's preferences, a flexible "negotiation" allows services to offer the preferred level of service and data protection to the user. Consequently, P3 promotes user confidence on the Web by enabling the fair information practice principles of "notice" and "choice." This presentation briefly describes the salient characteristics of a P3 prototype using a preliminary privacy "language" developed by the Internet Privacy Working Group.

1 user is shown interface

GRAPHIC - The IPWG Draft Privacy Vocabulary

Here we see a prototype of what a user sees (a user interface) when configuring P3. It is actually generated from an underlying syntax and vocabulary from which the computer can automatically describe and read privacy policies. Having the computer be able to understand the privacy policies is crucial, since the computer can then act on behalf of its user to seamlessly access sites which fall within the user's preferences, or notify the user if a site's practices do not meet their preferences.

Configuring all of these options may be time-consuming for a beginning user. A number of steps can be taken to simplify the setting of preferences. Organizations can offer individuals "recommended" or "automated" settings that they feel represent advisable settings for a typical adult or child browsing the Web.

2 user is shown a Web page with recommended settings

GRAPHIC - IPWG Privacy Preference File Choices

To grab one of these settings, a user can go to a Web page that they feel is reputable and offers "recommended settings." Anyone, including organizations like browser developers, Internet service providers, trade organizations, governments, or privacy advocates can provide settings to users.

Users may also be able to download recommended settings for their children:

GRAPHIC - Privacy Preference Files for Children

Upon arriving at the site, the user browses for the most appropriate settings.

2.1 user examines the online "recommended setting" descriptions

Seeing a description of interest, the user can click on the description and see a fuller explanation as well as the specific settings.

2.2 user examines the full descriptions

GRAPHIC

If the user finds a recommended setting they like, they download it to their computer for their own personal use.

2.3 user downloads the "ok to share with third parties" recommended setting to disk

3 user is shown profile editor interface, user selects IPWG and saves profile

Once the recommended setting is in place, the user can always change it or tune it to his or her specific preferences as they become more experienced. Afterwards, the user is ready to browse the Web.

4 user sees a "P3 Demo Home" page with a link to the Princeton Review www.review.com

In this example, the user goes to a site that has privacy practices that fall within the scope of their preferences. For most of this page, this may include the collection of clickstream data for system administration purposes.

4.1 user navigates two links on the site (top go to college banner).

GRAPHIC

Nothing out of the ordinary occurs! This is because the user's preferences and the site's practices matched directly, giving a seamless interaction.

4.2 when the user hits the last go to college button, she is shown the redirect for consent page

GRAPHIC

In this case, the site is asking for more information than the user allows for. Hence we have a "mediated interaction." The site can choose not to admit the user since it cannot comply with her preferences, it may inform the user of its practices and ask the user to consent to them, or it may be willing to be responsive to the user's specific preferences. The option to "over-ride" or "consent" may be disabled for child profiles.

4.3 clicks consent page, and we can see that information is solicited by a form.

5 return to user interface

This demonstration has been a very simple display of how the Platform for Privacy Preferences may be realized. It is important to note that users have a great deal of control and choice over which practices are accepted, and that sites can offer multiple practices depending on what service the user wants. For instance, a customized news service requires the collection of more information than a simple Web page. Also, client technologies (like browsers) are developing to allow family members to set up their own preferences, so that parents could set password-protected preferences for their children.
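To make the "direct match" versus "mediated interaction" distinction of steps 4.1 and 4.2 concrete, here is an added Python sketch (not the W3C prototype and not the IPWG draft vocabulary, which this comment does not reproduce) of how a client compares a downloaded "recommended setting" against a site's declared practices. The data categories, purposes, the profile file format and the two site declarations are all constructed for this example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Practice:
    """One site practice statement: what is collected, why, and whether it is shared."""
    data: str
    purpose: str
    shared: bool


# Constructed "recommended setting" file (format and vocabulary are this example's,
# not the IPWG draft): one "allow" line per practice the user accepts.
OK_TO_SHARE_PROFILE = """\
# ok to share with third parties
allow clickstream system-admin site-only
allow name marketing shared
allow email marketing shared
"""


def load_profile(text):
    """Parse a recommended-setting file into the set of accepted Practices."""
    allowed = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        keyword, data, purpose, scope = line.split()
        if keyword != "allow" or scope not in ("site-only", "shared"):
            raise ValueError(f"bad profile line: {raw!r}")
        allowed.add(Practice(data, purpose, scope == "shared"))
    return allowed


def accepts(allowed, practice):
    """Consent to sharing a datum for a purpose also covers site-only use of it."""
    return practice in allowed or Practice(practice.data, practice.purpose, True) in allowed


def evaluate(site_practices, allowed, child=False):
    """Compare a site's declared practices with the user's preferences: a full match is a
    direct interaction; otherwise the site may deny service, ask consent, or adapt."""
    conflicts = [p for p in site_practices if not accepts(allowed, p)]
    if not conflicts:
        return {"outcome": "direct", "conflicts": [], "options": []}
    # The consent ("over-ride") path is withheld for child profiles.
    options = ["deny", "adapt"] if child else ["deny", "consent", "adapt"]
    return {"outcome": "mediated", "conflicts": conflicts, "options": options}


# Constructed site declarations mirroring the two stops in the demonstration.
DEMO_HOME = [Practice("clickstream", "system-admin", False)]
COLLEGE_FORM = DEMO_HOME + [Practice("name", "marketing", True),
                            Practice("email", "marketing", True), Practice("phone", "marketing", True)]
```

With the constructed profile loaded, the demo home page yields a direct match, while the "go to college" form yields a mediated interaction over the one datum the profile never mentions.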

GRAPHIC

In this demonstration we do not fully represent the role trusted third parties can play in the P3 scheme. They can offer recommended privacy settings, their own opinion of a site's practices, or auditing services and icon programs to increase the confidence users place in P3 assertions. Privacy assertions made using P3 are only a piece of the puzzle, but an important one. P3 is a platform on which other technologies can interoperate and a bridge to social and market concerns about user privacy on the Web. P3 is a platform on which technical, market and social solutions for protecting privacy on the World Wide Web can be built.