The following is a proposal for future work on P3P submitted following the November 2002 Workshop on the Future of P3P
While many sites have adopted P3P, adoption has been slower than hoped for because companies are unsure of their liabilities for statements made in P3P and compact policies given the limitations of the technology at this time. No one is suggesting that sites are not liable or should be given immunity for mistakes or misrepresentations in their P3P statements. However, everyone recognizes that P3P does not allow a site to describe every nuance of its privacy practices and that the specification is a work in progress. The purpose of this item is to clarify the current state of the specification as to what privacy practices can and cannot be expressed in the lexicon of P3P.
Minimal resources required to complete this item. A draft of proposed language could be drafted by a small group of P3P Specification Working Group members and circulated broadly for comment by the remaining members.
Based on the discussion at the P3P Workshop, there appeared to be some common ground on this issue and it should be relatively easy to resolve. It should be possible to reach consensus on language within the timeframe for version 1.1 of the specification.
Last update $Date: 2003/03/17 09:50:38 $ by $Author: rigo $