Title: CC/PP and P3P harmonization for privacy protection and explicit definition of server request Author: kazuhiro Kitagawa Affiliation: W3C/Keio University, Device Independence Activity Lead Generally, it is called Web contents adaptation that allows users to give their unique access to localize information on the Web about their immediate environment, objectives and device capabilities. Users expect specialized contents in their particular situation in a secure way. When using personal identifiable environmental information, it is very important to protect their privacy. The Web community also has recognized that privacy issues are the fundamental part of the Web. A server should not use device information and environmental information without user's authorization. Although these expectations, there are no particular open standard core vocabularies for the CC/PP and no exchange mechanism in secure way for the Web is proposed. Here, I would like to discuss a trust model for CC/PP data transfer to protect their information by CC/PP harmonization with P3P. P3P describes policy files of Web sites using XML, and a client automatically retrieves and interprets the policy files from the Web site when a user visits there. Then, it compares between the policy file of the Web site and owns one. P3P policy file defines the information only which Web site needs to provide its contents and services. Therefore, the information to be exchanged between a client and a server is only the minimum requirements. A user can't specify the information which is to be sent or not with CC/PP explicitly and the information that each server needs is naturally different. A client conveys all information to a server, due to lack of privacy protection mechanism of CC/PP. A client can understand the information for which a server needs. P3P policy file could be created by the RDF schema file which defines CC/PP vocabularies. The design mediates a gap between CC/PP vocabularies and P3P policy definition which is one of the missing piece of the Web related specification. It guarantees the consistency of the CC/PP and P3P. P3P guarantees that a server receives only necessary information to provide Web contents and services. We believe that P3P can complement the privacy aspect of CC/PP and specifies minimum required information exchanged between a client and a server