P3P Guiding Principles

W3C NOTE 01-May-1998

This Version:
Latest Version:
Previous Version:
Please see drafts at the P3P Interest Group. [member only]
Lorrie Faith Cranor (AT&T Labs-Research) lorrie@research.att.com

Status of This Document

This is a W3C Note for review by W3C members and other interested parties. It is a draft document and may be updated, replaced or obsoleted by other documents at any time. It has no standing what-so-ever, and may include statements that lack strong consensus in order to stimulate debate or document differences among the interest group members. This draft document was produced in compliance with W3C process.

This set of Guiding Principles is one section of the P3P Implementation Guide, a work in progress by the P3P Interest Group. At this point, it is not intended to be independently advanced toward W3C recommendation status. However this document will likely be revised. The P3P Implementation Guide is not part of the P3P specification in that it does not contain requirements for P3P compliance.

This document is made public for the purpose of receiving comments that inform the W3C membership and staff on issues likely to affect the acceptance and adoption of the P3P. Comments should be sent to p3p-comments@w3.org.

This document is part of the Platform for Privacy Preferences Project Activity.

The Platform for Privacy Preferences Project (P3P) has been designed to be flexible and support a diverse set of user preferences, public policies, service provider polices, and applications. This flexibility will provide opportunities for using P3P in a wide variety of innovative ways that its designers had not imagined. The P3P Guiding Principles was created in order to:

  1. Express the intentions of the undersigned members of the P3P working groups when designing this technology.
  2. Suggest how P3P can be most effectively used in order to maximize privacy and user confidence and trust on the Web.

In keeping with our understanding of flexibility, this document does not place requirements upon any party. Rather, it makes recommendations about 1) what should be done to be consistent with the intentions of the P3P designers and 2) how to maximize user confidence in P3P implementations and Web services.

We invite organizations, individuals, policy-makers, and companies who use P3P to join us in supporting these principles.

Information Privacy

P3P has been designed to promote privacy and trust, and enable individuals to make informed decisions about the collection and use of their personal information. However, P3P alone does not guarantee privacy or trust. Trust is built upon the mutual understanding that each party will respect the agreement reached. In order to preserve trust and protect privacy, organizations should only collect personal information with the knowledge and agreement of the person to whom it relates, and inform that person about the way information will be used and with whom it may be shared.

Those who use P3P can preserve trust and protect privacy by applying recognized principles of data protection and privacy to their information practices:

In addition, service providers and P3P implementers should recognize and address the special concerns surrounding children's privacy.

Notice and Communication

Service providers should provide timely and effective notices of their information practices; and user agents should provide effective tools for users to access these notices and make decisions based on them.

Choice and Control

Users should be given the ability to make meaningful choices about the collection, use, and disclosure of personal information. Users should retain control over their personal information and decide the conditions under which they will share it.

Fairness and Integrity

Service providers should accurately represent their information practices in an upfront and straightforward manner. P3P proposals should never be crafted with the intention of misleading users or exploiting loop holes.


User agents and service providers should facilitate secure transmission and storage of data.


The following is a list of privacy principles and guidelines that helped inform the development of P3P and that may be useful to those who use P3P:


The following definitions reflect the way these terms are used in this document.

preferences - A set of rules that determines what action(s) a user agent will take or allow when involved in a conversation or negotiation with a service.  Users' P3P preferences should reflect their attitudes towards the use and disclosure of their personal information.

proposal - A series of P3P statements that describe the privacy-related terms (practices) under which a service proposes to interact with a user or user agent.

service provider - The person or organization that offers information, products, or services from a Web site, collects information, and is responsible for the representations made in a practice statement. Note, the term service provider in this document does not refer to Internet Service Providers (ISPs), except where ISPs also provide services from Web sites.

user - An individual (or group of individuals acting as a single entity) on whose behalf a service is accessed and for which personal data exists.

user agent - A program that acts on a user's behalf. The agent may act on preferences (rules) for a broad range of purposes, such as content filtering, trust decisions, or privacy. For P3P purposes, a user agent acts on a user's privacy preferences. Users may use different user agents at different times.

Copyright © 1998 W3C (MIT, INRIA, Keio ), All Rights Reserved. W3C liability, trademark, document use and software licensing rules apply.