What Is P3P (Privacy Preferences Platform)?

Trying to monitor and protect your online privacy is a challenge. Websites aren't always forthcoming with their policies and may classify things differently. Wish it were simpler? P3P did too.

What is P3P? 

P3P stands for “Platform for Privacy Preferences Project”. It is a project by the Internet standards setting body, the World Wide Web Consortium (W3C), which aims to help consumers manage their privacy while navigating websites which have differing privacy policies (ie., what information is collected, what duration is set, among others). Users set their privacy preference in their P3P-enabled browsers.

Before a user loads a site, the browser's P3P agent checks the privacy policy of the website being loaded. If the site falls within the user's preset privacy settings, the site loads automatically. If the site's privacy policy doesn't match the user's settings, the user is prompted.

Critics of P3P note that it offers weak protection against the highly evolving pace of website content, only a small fraction of websites complies with P3P or even have a privacy policy, and there's no legal compulsion for websites to enforce their privacy policies. In essence, the P3P, its critics charge, is a well intentioned failure—a toothless tiger.

Who created P3P?

Privacy Preferences Platform (P3P) was set up by the World Wide Web Consortium (W3C), the international governing body that sets up standards for the Internet. W3C established P3P standards to help users protect their privacy using the Internet.

P3P addresses consumer concerns about the type and number of data gathered by websites. At its most basic, any website that collects user information must clearly declare the reasons for the data collection, how it plans to use the information, and the amount of time it will retain the information.

A P3P-compliant website will display its privacy policies to users that use browsers with the P3P feature. Automatically, the P3P-compliant browser will accept or deny cookies or bypass the site based on the settings that user has set. The user receives an alert and can override the previously set privacy level.

Why was P3P created?

P3P (Privacy Preferences Platform) was established by the World Wide Web Consortium (W3C) to provide internet users with a sense of privacy when surfing the internet. W3C is the official web standards body, which essentially attempts to bring law and order to the Internet.

P3P started to allay consumer concern about the amount of data collected by web sites. The idea is that any site gathering information about its users should state why it wants the information, and how long information will be retained for. For example: "We are monitoring these pages to improve site usability," or "We want to make our advertising more relevant." A user visiting a site with a P3P policy has access to its privacy policies and can decide whether or not to accept cookies or use that site at all.

How do P3P privacy controls work?

P3P enables you to control - at browser level - how websites use information about your visit.

You can actually set privacy preferences in your browser before you begin to surf the internet. As you download web pages a P3P-enabled server will send the content to your browser together with a privacy policy that your browser can automatically read. Before your browser displays the page it will match your privacy preferences with the site's - if there is not a match, you will be alerted so that you can decide whether to proceed or not. For a more detailed explanation of this ongoing project please click here www.w3.org/P3P/.