The platform for privacy preferences
Communications of the ACM
Building consumer trust online
Communications of the ACM
Designing trust into online experiences
Communications of the ACM
Innovative web use to learn about consumer behavior and online privacy
Communications of the ACM - Digital rights management
Building customer trust in mobile commerce
Communications of the ACM - Digital rights management
Web Privacy with P3p
Privacy policies as decision-making tools: an evaluation of online privacy notices
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
The language of privacy: Learning from video media space analysis and design
ACM Transactions on Computer-Human Interaction (TOCHI)
Securing user inputs for the web
Proceedings of the second ACM workshop on Digital identity management
Doppelganger: Better browser privacy without the bother
Proceedings of the 13th ACM conference on Computer and communications security
Conceptual modeling of privacy-aware web service protocols
CAiSE'07 Proceedings of the 19th international conference on Advanced information systems engineering
Simplified privacy controls for aggregated services: suspend and resume of personal data
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
Privacy-enhanced user-centric identity management
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
An analysis of private browsing modes in modern browsers
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Towards a similarity metric for comparing machine-readable privacy policies
iNetSec'11 Proceedings of the 2011 IFIP WG 11.4 international conference on Open Problems in Network Security
| Hi-index | 0.00 |
Website privacy policies state the ways that a site will use personal identifiable information (PII) that is collected from fields and forms in web-based transactions. Since these policies can be complex, machine-readable versions have been developed that allow automatic comparison of a site's privacy policy with a user's privacy preferences. However, it is still difficult for users to determine the cause and origin of conformance conflicts, because current standards operate at the page level - they can only say that there is a conflict on the page, not where the conflict occurs or what causes it. In this paper we describe fine-grained policy anchors, an extension to the way a website implements the Platform for Privacy Preferences (P3P), that solves this problem. Fine grained policy anchors enable field-level comparisons of policy and preference, field-specific conformance displays, and faster access to additional conformance information. We built a prototype user agent based on these extensions and tested it with representative users. We found that fine-grained anchors do help users understand how privacy policy relates to their privacy preferences, and where and why conformance conflicts occur.