Note

Date: Nov. 30, 2001
Link: http://www.w3.org/TR/p3pdeployment
Source Author or Organization: AT&T, Microsoft, NEC, ETH Zentrum

The Platform for Privacy Preferences (P3P) is a protocol that provides a way for developers to state the privacy policies of a Web site in an XML format that's machine-readable for automatic retrieval and interpretation by standard browsers and other user agents and also human-readable.

The stored privacy information is known as a P3P policy, and is made available through placement in a special location, via a link element or through a Hypertext Transfer Protocol (HTTP) header. The type of information covered may include the site's practices regarding cookies, data collection, data use and data sharing.

This Deployment Guide discusses what authors and developers need to do to deploy P3P on a Web site, how to develop a P3P policy and map it to a site, various methods for publishing policies (including pros and cons of each approach) and step by step deployment instructions for popular Web servers. A properly deployed P3P policy will allow authors to make a site's privacy policies transparent to visitors while also enabling automated operations, for example a browser notifying a user of a site policy that does not match the user's preferences.