Web Privacy with P3P

By Lorrie Cranor
O'Reilly & Associates
September 2002
0-596-00371-4
344 pages, $39.95 US, $61.95 CA, £28.50 UK


Table of Contents

Foreword

Preface

Part I. Privacy and P3P

 1. Introduction to P3P
     How P3P Works
     P3P-Enabling a Web Site
     Why Web Sites Adopt P3P

 2. The Online Privacy Landscape
     Online Privacy Concerns
     Fair Information Practice Principles
     Privacy Laws
     Privacy Seals
     Chief Privacy Officers
     Privacy-Related Organizations

 3. Privacy Technology
     Encryption Tools
     Anonymity and Pseudonymity Tools
     Filters
     Identity-Management Tools
     Other Tools

 4. P3P History
     The Origin of the Idea
     The Internet Privacy Working Group
     W3C Launches the P3P Project
     The Evolving P3P Specification
     The Patent Issue
     Feedback from Europe
     Finishing the Specification
     Legal Implications
     Criticism

Part II. P3P-Enabling Your Web Site

 5. Overview and Options
     P3P-Enabled Web Site Components
     P3P Deployment Steps
     Creating a Privacy Policy
     Analyzing the Use of Cookies and Third-Party Content
     One Policy or Many?
     Generating a P3P Policy and Policy Reference File
     Helping User Agents Find Your Policy Reference File
     Combination Files
     Compact Policies
     The Safe Zone
     Testing Your Web Site

 6. P3P Policy Syntax
     XML Syntax
     General Assertions
     Data-Specific Assertions
     The P3P Extension Mechanism
     The Policy File

 7. Creating P3P Policies
     Gathering Information About Your Site's Data Practices
     Turning the Information You Gathered into a P3P Policy
     Writing a Compact Policy
     Avoiding Common Pitfalls

 8. Creating and Referencing Policy Reference Files
     Creating a Policy Reference File
     Referencing a Policy Reference File
     P3P Policies in Policy Reference Files
     Changing Your P3P Policy or Policy Reference File
     Avoiding Common Pitfalls

 9. Data Schemas
     Sets, Elements, and Structures
     Fixed and Variable Categories
     P3P Base Data Schema
     Writing a P3P Data Schema

10. P3P-Enabled Web Site Examples
     Simple Sites
     Third-Party Agents
     Third Parties with Their Own Policies
     Examples From Real Web Sites

Part III. P3P Software and Design

11. P3P Vocabulary Design Issues
     Rating Systems and Vocabularies
     P3P Vocabulary Terms
     What's Not in the P3P Vocabulary

12. P3P User Agents and Other Tools
     P3P User Agents
     Other Types of P3P Tools
     P3P Specification Compliance Requirements

13. A P3P Preference Exchange Language (APPEL)
     APPEL Goals
     APPEL Evaluator Engines
     Writing APPEL Rule Sets
     Processing APPEL Rules
     Other Privacy Preference Languages

14. User Interface
     Case Studies
     Privacy Preference Settings
     User Agent Behavior
     Accessibility
     Privacy

Part IV. Appendixes

A. P3P Policy and Policy Reference File Syntax Quick Reference

B. Configuring Web Servers to Include P3P Headers

C. P3P in IE6

D. How to Create a Customized Privacy Import File for IE6

E. P3P Guiding Principles

Index