P3P Homepage

P3P WG Home

P3P WG (member)

Documents

Meetings

Bugzilla

WG-Members (member-only)

Area of future P3P work 1.a: Vocabulary issues, article 10 issues

The following is a proposal for future work on P3P submitted following the November 2002 Workshop on the Future of P3P

Purpose and scope

The success of P3P depends to a great extent on the possibility of using the system internationally without facing legal problems due to the peculiarities of the diverse jurisdictions.

Transparency is the main objective for P3P. In order to allow European controllers to be able to comply with the information requirements defined in article 10 of the European Directive 95/46/EC. At the present stage, the system contains limitations that do not enable users to comply with the information requirements of the European Directive.

The language used by P3P lacks the functionality to express a number of core elements of article 10 of the Directive, such as the purposes of the processing, the security policy or the information as to transfers outside the EU and so forth. This would mean in particular:

  1. P3P to be applied to cookies at set time only.
  2. Security taxonomy and/or semantic for security seals
  3. A more effective and standardised taxonomy to allow expression to users would be required. In the short run at least the specification that in the EU, purpose information should be explicitly provided prior to data collection.
  4. Expression of whether a recipient is within or without the EU zone and if possible any information about the level of protection in that country.

Resources

- Diana is happy to contribute to this area of work, providing comments or suggestions.

- Giles can provide technical details of what is required to meet the criteria.

Time frame

Several participants to the workshop viewed this item as a high priority.

In our view it should be possible to wrap up these issues in a very short timeframe.
The best way to do this would be through contacts & meetings between Diana, Giles and W3C in the first place. As a second stage a meeting could be organised with the internet Task Force of the Article 29 Working Party somewhere in 2003 in order to make sure that the proposals meet all their concerns.

Diana Alonso Blas, European Commission, DG Markt, Unit A 4, Data Protection
Giles Hogben, European Commission, Joint Research Centre.

Last update $Date: 2003/05/23 13:58:13 $ by $Author: rigo $