P3P, or the Platform for Privacy Preferences Project, is the World Wide Web Consortium's (W3C) answer to the problem of protecting personal data on the Web. It's a voluntary protocol for informing Web users of what they're getting into and setting a standard for Web providers to explain what they're planning to do with personal data.

P3P is supposed to ensure that a series of questions are answered about how personal information provided by Web users is handled. None of the policies are legally enforceable, however, nor is there a mechanism to ensure that organizations follow through. The onus is on consumers to reject Web sites that don't meet their guidelines. This has led critics to claim that P3P does little to protect users but does facilitate the collection of personal data by Web providers.

P3P began as an effort to establish a voluntary protocol with free, marketlike negotiation between Web users and Web providers. Users might have P3P-aware browsers or install P3P-aware applications, such as AT&T Corp.'s privacy bird (available for free download at www.privacybird.com.) Once the privacy bird has been configured, it searches for machine-readable privacy policies at every Web site the user visits.

The privacy bird icon is green for Web sites that match the user's stated privacy guidelines, red for sites that don't match, yellow for those that don't provide P3P policies and green with a red exclamation point for sites that might match but have embedded images that have nonmatching or no privacy policies.

The idea is that users can accept or reject Web sites in an informed way and can examine what it is about offending Web sites that doesn't meet their standards. Before the Jan. 28, 2002, publication of P3P 1.0, proponents had thought that users might engage in negotiations with Web providers to reach mutually agreeable terms, but the protocols required to implement such transactions proved to be dauntingly complex.

On the provider side, P3P establishes a standard set of file formats, based on XML, that can be used to publish privacy policies. Tools such as P3PEdit, available at www.policyeditor.com for US$70, can be used to create the appropriate files.

Few Web providers publish privacy policies. The list of such sites maintained at the P3P Web site (www.w3.org/P3P) underlines the small number of P3P-compliant providers there is. If P3P doesn't catch on, Web surfers who embrace it may have to bend their own standards the majority of times they bring up new pages, until, as critics point out, they simply turn off the warning.

Two Main Issues

There are two categories of privacy issues that are addressed by P3P. One is the obvious request for information that Web users butt into when they complete commercial transactions on the Web, register for online services or enter sweepstakes. They may be asked for information such as their name, billing address and credit card number, along with additional information such as age, income level and preferred travel destinations.

E-commerce providers have found a worrisome number of Web users simply aborting transactions when faced with requests for personal data. The Web providers hope users will be persuaded to complete transactions if they know reasonable privacy policies are in place. Which is why many critics believe P3P is really a mechanism to grease the flow of personal data in the name of e-commerce.

"With P3P, we are enabling the development of a whole new class of Web tools and services that will help users protect their privacy while streamlining e-commerce transactions," Daniel J. Weitzner, the W3C technology and society domain leader, wrote on the P3P Web siteThe other category of privacy issues addressed by P3P is that of cookies and Web beacons. Although cookies were originally envisioned by their Netscape developers as transient objects saving information on users' computers for single transactions, they have become more like permanent or semipermanent tags referring back to databases on the providers' computers. Cookies and Web beacons, which are unobtrusive, 1-pixel images that search for cookies on users' computers, cannot solicit information from users but can be used to track user Web behavior. Third-party banners and advertisements can install cookies and have beacons that read them.

Sophisticated users can establish cookie acceptance rules without P3P; firewalls can be used to control cookie behavior; and there are tools for disguising IP addresses. But for most users, the world of cookies and beacons is invisible and arcane, and P3P aims to address privacy concerns in this realm that might have led to more intrusive and legally binding standards such as those adopted by the European Union's Data Directive.

P3P policies apply to the information gained through cookies as much as through overt data collection forms. The privacy bird will turn green or red depending on the cookie policy of the site that the user intends to visit.

The European Union rejected P3P in January 1998 for establishing standards of privacy that were too low and for shifting the burden of enforcing privacy on Web users rather than on data controllers with legally binding rules. This means that the future of P3P and of the market in personal data remains unclear.