The leaders of a World Wide Web Consortium (W3C) yesterday outlined changes made to an Internet privacy proposal.
to separate out health care information, which is a sensitive issue for many people, said Lorrie Cranor, chair of the P3P working group.
Quicker The new P3P working draft also records changes that should help speed the exchange of data between client and server, Cranor added. She and other W3C project leaders issued a status report on the privacy specification at this week's Ninth International World Wide Web Conference.
Despite the W3C working group's three-and-a-half-year effort to appease businesses, privacy advocates, technologists and governmental officials, the P3P proposal continues to attract criticism from those who say it does not go far enough to protect privacy.
Gentleman’s agreement One conference attendee described P3P as a "highly formalized expression of a very informal agreement", similar to a handshake, and questioned whether an agreement would hold up in a court of law.
"This looks to me like you're going to be working on this 10 years from now – with those legal issues in particular," said another attendee, David Brownell of California. Brownell said there "needs to be teeth in these policies" for the privacy specification to work.
Danger Web sites that adopt the P3P specification could also face governmental action, or be sued for engaging in deceptive practices, Wenning added.
Cranor predicted that P3P will reach W3C recommendation status, the final step in the approval process, this fall. He added that increasing numbers of Web sites will adopt the specification due to heightened pressure from the US government for companies to self-regulate themselves on the issue of online privacy.
But privacy advocate Jason Catlett, president of Junkbusters in Green Brook, New Jersey, countered that if the P3P specification "is used as an excuse not to require legally guaranteed privacy rights, it will have done everybody a disservice".