Angelique Carson writes:
The Platform for Privacy Preferences (P3P) was created in 2002 as a tool to protect users’ privacy as they navigate the Internet. The voluntary platform was adopted by Internet Explorer, the only browser to make meaningful use of it, but since its inception, has faced a number of challenges to its intended success.
Ari Schwartz of the National Institute of Science and Technology chaired the outreach subcommittee that formed in 1998 to work on P3P’s specs. He says the group’s focus was to get a policy built into Web browsers that would make automated decisions, knowing that privacy policies would be complex.
“In reality, that code is a dramatically important privacy statement that legal departments should be writing,” Polonetsky says.
Second, privacy policies are so detailed with disclaimers and disclosures that they are very difficult to fit to a specification such as P3P, making it nearly impossible to write a highly accurate statement, he says. Cranor agrees that policies are lacking because of the existing difficulty in trying to write a CP that is both completely transparent and also adheres to this coding system.
“One of the ways companies are getting around this is that they have a policy that is basically empty, because if you don’t say anything, then you don’t say something unsatisfactory,” Cranor says, adding that this results in incomplete policies that allow the cookie through but ignore user preferences.
Read more on IAPP.