[Workshop Homepage] [Participants] [Position Papers] [Agenda] [Minutes]
November 13, 2002
Lorrie Cranor
In the paper: Problem, websites don't have control of presentation of their policy through the user agent. Based on discussions, need to revisit that. P3P defines an expert level of privacy, precise definitions. Thus UA implementers, try to make fewer choices, thus more accessible. May create inconsistencies as seen by users.
In process of building interface, UA Imp. Has to make choices for user. High or med. Setting short description, so users get a small snapshot, thus not getting what UA is actually doing.
Seen cases of UA's interpreted statements that are not entirely accurate, honest errors. Some might not be honest errors. Or extremes, eg marketing an evil terror. Some UA leave out info in summary. No incentive for UA implementers to correct mistakes, even after we point them out.
What can we do:
UA need complete documentation. Some sort of certification. Who would do cert. How it would work. Need UA guidelines, or standard, question of scope etc. actions you can take, where to draw the line. Need to consider in the future..
Brian Zwit
P3P definitions were NOT written for consumers, some user agent is doing the interpreting for consumer. Puts burden on UA coders. That now means browsers. So: what is the goal of UA and P3P: transparency, to who: consumer. What we need is: easy and understandable to the consumer. Needs to be kept in mind, consumer just wants it to work. That goes for P3P and privacy.
concern for policy working group
concern for spec group
need how spec fits into browser and UA, complexity makes the coding more difficult, with 53 tokens, high number of combinations. Whole interface becomes more technical.
For coders: interface, forms, buttons, have to be thought about, the messages need to be clear and easy to understand. Not a college level. Has to be clear. Different functionalities and features. Caution as people want to turn it off. . Coders make value judegements as to what triggers blocks etc. Coders given tokens and need to put in English. But you have to simplify, tough decisions there.
Need guidelines for transition of p3p statements into local language. Everybody has interpretation.. Helpful to give browser writers something to move forward on.
Cem Paya
Settings in the browser are there to reflect user choices, not implementers. To enable user to make judgements. Ideally implementers should not be involved in setting defaults.
Answer:
whatever comes out of the box, most people will keep. Thus the default sets values etc.
Marty Abrams:
role of UA, need to think of separating conveying of information and view or value about the information, need standards.
Lorrie Cranor:
UA implementers are making tons of value judgements.
Question:
UA is really working on behalf of the user or at least ideally. Should all UA have similarities. Users have different perspectives.
Lorrie Cranor:
where to draw the line, need to have some direction here, there is no market for UA so it is not a market driven thing.
Matthias Schunter:
Rating engine (UA) should be unbundled from browsers to allow better choice,
Dan Schutzer::
When Human readable policy have some standard conformance. That would make us feel a little easier.
Steve Adler:
Are there plans for P3P for instant messenger clients like MSN or AOL.
Daniel Weitzner:
not heard of this yet.
Ian Jacobs:
UA should not be doing interpetration work. Take it out of UA. Don't hear need for guidelines yet. Key aspect of WAY guidelines technology independent. Rely heavily on external guidelines.
Process, build consensus, test suite, important to be specific, how to be both generic and specific.
Guidelines divided into check-points. Hone in on actual functional requirements.
Themes that comeup. How do you know when a user has actually done something, how do you deal with mistakes?
Keep the key choices in the SPEC, keep decisions out of developer's hands.
Id the needs of the different parties involved.
Ari Schwartz:
Seems guidelines on formatting and functionality requirements. Issue, dictating to UA regarding what is presented to the user.
Ian Jacobs:
Make all content viewable to the user. Follow specs. Don't make someone else interpret working groups meaning.
Marty Abrams:
Printed notices were not working, asked me is there an approach. At sader, communicate to the four sons., led to layered notices. Needs to be room for lengthy notice. P3P fits into layered notices.
Believe the research, how do people what to be communicated to. What I see today is effected by what I saw yesterday. Same pattern and language allows comparison.
See: book, he held up on short notice.
That means, template sets out where to find notice.
Research shows hou can't have more than 7 elements, eg. HIPPA, 30 different notice elements.
The notice, can only be short, makes sense to use a template based notice, with enough consistency so that from one policy they can look at the next policy. Legislative environment. This type of layered notice will help consistency.
Mathias Schunter:
You need language that can allow user to specify preference.
Marty Abrams:
You need to translate long into short to ensure consistency. We found long notices as trust sapping in focus groups. Concerns that long notices are trying to hide something.
See layered notice package.
What is in short notices that is not in P3P: types of data e.g. email addresses like . mabrams at hunton.com>
Matthias Schunter:
UA and how they can explain P3P policies. Found more fundamental problem, what does P3P mean, looked at the spec.
Unclear see slides:
Talked to P3P working group. There is a complete semantics but only in the heads of the working group. Need definitions that clarify and complete semantics.
Problem: UA wide variety of UA, hard to do guidelines for all of them. Do some standard classes of UA and do guidelines for each group.
Introduce, quality of consent., types of consent. Consent too fine grained. IN practice consent needs to fit with the business.
Have business driven consent groups. E.g. for medical research, These groups imply consent.
Ian Jacobs:
Chose generic model, interms of accessibility Work with groups with specific interests.
Lorrie Cranor
there is no consent mechanism in P3P.
Giles Hogben
Clarify. Full P3P policies do contain human readable. There are far more than 53 elements in p3p policy.
See slides. Re: need to include psychologists etc. Failed because done mainly by technologists.. How to capture conceptual models of those without technical experience.
Privacy bird higher ontology of P3P, study of that that would be a fruitful exercise
Ontology architecture, helps deal with gaps between law and technology.
Ontology can represent conceptual models can represent UA's.
Different interface, EU will require user interface. Purpose information presented directly to consumer.
See slide of photo shop, left hand side show UA? Information? Need simple graphical UA. Not complicated.
Question Matthias Schunter
Does EU law, actual text required to be displayed,
Diana Alonso-Blas
Need it every single time. You have preferences, the UA makes match. This has to be available . Oblicgation to actively provide information everytime
Giles Hogben
higher level of ontology would off specification that users could see.
Lorrie Cranor
UA guidelines. Specifically display guidelines for user information.
How do we make this tool more friendly to users. Provider can put whatever they want the statement. Takes some of the concerns out.
Unkown delegate from MS table.
Focus should be o n that let markets sort that out
UA has responsibility to see both. Be cautios about calling it UA guidelines. Need to realise, Lot of different experiences that P3P needs to be able to accommodate that goes beyond browser interface for P3p. Don't constrain developers.
Dan Schutzer
Found the text in P3P somewhat confusing, some fixing needed there. Then problem of what to call this. Would like to be able to communicate our judgement calls. How your group things change impression of content.
Marty Abrams
UA only makes sense in this room. What really counts is market trust. If something saps trust and understanding, we need to have a standard that builds trust and allows them to see how the browser makes the decision. Needs some comfort.
Danny Weitzner
We set up to create machine readable privacy policies, not human readable policies. Need to work with others to bring in this. WE need to know what we are telling the machines. Need to start thinking how they need to work.
[Workshop Homepage] [Participants] [Position Papers] [Agenda] [Minutes]
Last update $Date: 2002/12/02 12:05:09 $ by $Author: rigo $