P3P deployment on websites

Authors:
Lorrie Faith Cranor;Serge Egelman;Steve Sheng;Aleecia M. McDonald;Abdur Chowdhury
Affiliations:
Carnegie Mellon University, 5000 Forbes Avenue, Pittsburgh, PA 15217, United States;Carnegie Mellon University, 5000 Forbes Avenue, Pittsburgh, PA 15217, United States;Carnegie Mellon University, 5000 Forbes Avenue, Pittsburgh, PA 15217, United States;Carnegie Mellon University, 5000 Forbes Avenue, Pittsburgh, PA 15217, United States;Illinois Institute of Technology, 10W 31St. Chicago, IL 60616, United States
Venue:
Electronic Commerce Research and Applications
Year:
2008

Citing 12
Cited 13

The anatomy of a large-scale hypertextual Web search engine

WWW7 Proceedings of the seventh international conference on World Wide Web 7
The platform for privacy preference as a social protocol: An examination within the U.S. policy context

ACM Transactions on Internet Technology (TOIT)
Use of a P3P user agent by early adopters

Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
Web Privacy with P3p

Web Privacy with P3p
Automated analysis of P3P-enabled Web sites

ICEC '03 Proceedings of the 5th international conference on Electronic commerce
Why we can't be bothered to read privacy policies models of privacy economics as a lemons market

ICEC '03 Proceedings of the 5th international conference on Electronic commerce
Improving Automatic Query Classification via Semi-Supervised Learning

ICDM '05 Proceedings of the Fifth IEEE International Conference on Data Mining
Power strips, prophylactics, and privacy, oh my!

SOUPS '06 Proceedings of the second symposium on Usable privacy and security
User interfaces for privacy agents

ACM Transactions on Computer-Human Interaction (TOCHI)
P3P Adoption on E-Commerce Web sites: A Survey and Analysis

IEEE Internet Computing
A Survey and Analysis of the P3P Protocol's Agents, Adoption, Maintenance, and Future

IEEE Transactions on Dependable and Secure Computing
Tracking website data-collection and privacy practices with the iWatch web crawler

Proceedings of the 3rd symposium on Usable privacy and security

A user study of the expandable grid applied to P3P privacy policy visualization

Proceedings of the 7th ACM workshop on Privacy in the electronic society
An analysis of privacy signals on the World Wide Web: Past, present and future

Information Sciences: an International Journal
A large-scale empirical study of P3P privacy policies: Stated actions vs. legal obligations

ACM Transactions on the Web (TWEB)
Designing a privacy label: assisting consumer understanding of online privacy practices

CHI '09 Extended Abstracts on Human Factors in Computing Systems
A "nutrition label" for privacy

Proceedings of the 5th Symposium on Usable Privacy and Security
Token attempt: the misrepresentation of website privacy policies through the misuse of p3p compact policy tokens

Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
A formal P3P semantics for composite services

SDM'10 Proceedings of the 7th VLDB conference on Secure data management
A comparative study of privacy mechanisms and a novel privacy mechanism [short paper]

ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Understanding privacy policies

Empirical Software Engineering
Evaluating the Readability of Privacy Policies in Mobile Environments

International Journal of Mobile Human Computer Interaction
Privacy policies and national culture on the internet

Information Systems Frontiers
Incorporating Privacy into the Undergraduate Curriculum

Proceedings of the 2013 on InfoSecCD '13: Information Security Curriculum Development Conference
A multi-level model of individual information privacy beliefs

Electronic Commerce Research and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

We studied the deployment of computer-readable privacy policies encoded using the standard W3C platform for privacy preferences (P3P) format to inform questions about P3P's usefulness to end users and researchers. We found that P3P adoption is increasing overall and that P3P adoption rates greatly vary across industries. We found that P3P had been deployed on 10% of the sites returned in the top-20 results of typical searches, and on 21% of the sites returned in the top-20 results of e-commerce searches. We examined a set of over 5000 websites in both 2003 and 2006 and found that P3P deployment among these sites increased over that time period, although we observed decreases in some sectors. In the Fall of 2007 we observed 470 new P3P policies created over a 2-month period. We found high rates of syntax errors among P3P policies, but much lower rates of critical errors that prevent a P3P user agent from interpreting them. We also found that most P3P policies have discrepancies with their natural language counterparts. Some of these discrepancies can be attributed to ambiguities, while others cause the two policies to have completely different meanings. Finally, we show that the privacy policies of P3P-enabled popular websites are similar to the privacy policies of popular websites that do not use P3P.