Interesting People mailing list archives
Re P3P and liability ([dave () farber net: IP: P3P, IE6 and Legal Liability: [risks] Risks Digest 21.82])
From: David Farber <dave () farber net>
Date: Sat, 15 Dec 2001 00:25:01 -0500
Date: Fri, 14 Dec 2001 18:08:56 -0800 From: Seth David Schoen <schoen () eff org> To: eff-priv () eff org This is actually an ad for an article its author is selling about how to avoid legal liability for claims made with P3P. My main concern with P3P was that it wasn't clear to me that a P3P document was a valid contract, and not clear that it could be enforced (or would actually be monitored by anyone). The structure of P3P is approximately that a web server can send you a structured document which means something like "On my honor as an HTTP/1.1 server, I promise not to share personally identifiable information with any other companies". It's hard for me to see what the right way of doing this is. On the one hand, it's nice to have a formal language for talking about privacy policies (although it could be argued that very few people think about their privacy in terms which map strictly into the P3P language). On the other hand, the legal liability and enforceability issues are huge, almost the whole point, and W3C deliberately declines to address them (much like the folks at CPTWG saying "We're going to make up a technical architecture for broadcast video copy protection, and not talk about how it's going to be enforced"). P3P is parallel to PICS, in many ways -- it was organized as a "voluntary" "interindustry" "consensus" "solution" (and both are open standards). Both schemes rely on publishers to make certain representations about themselves in a formal language, assume that users' software will explain the policies to the users (and possibly not allow the users to communicate with sites which don't make statements about their policies).
For archives see: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Re P3P and liability ([dave () farber net: IP: P3P, IE6 and Legal Liability: [risks] Risks Digest 21.82]) David Farber (Dec 14)