Interesting People mailing list archives

Re: WORTH READING CMU Privacy-Enhanced Search Engine Study


From: David Farber <dave () farber net>
Date: Mon, 17 Dec 2007 12:19:31 -0500



Begin forwarded message:

From: Rigo Wenning <rigo () w3 org>
Date: December 17, 2007 10:46:44 AM EST
To: sethb () panix com
Cc: dave () farber net, Lorrie Cranor <lorrie () cs cmu edu>, harraton () cmu edu
Subject: Re: [IP] Re:      CMU Privacy-Enhanced Search Engine Study

Hi all,

On Friday 14 December 2007, David Farber wrote:
________________________________________
From: Seth [sethb () panix com]
Sent: Thursday, December 13, 2007 9:11 PM
To: David Farber
Subject: Re: [IP] Re:    CMU Privacy-Enhanced Search Engine Study

harraton () gmail com [harraton () gmail com] On Behalf Of Janice Tsai

[harraton () cmu edu] wrote:
The purpose of Privacy Finder is to make privacy information more
accessible.  It does that by pulling P3P policies for users and
displays a "privacy meter" of how well that particular site's P3P
policy matches your preferences.

In other words, it completely ignores whether or not the site
actually follows good privacy practices, because it's easier to
look at its policy.

Many sites claim to have good practices, yet email addresses given
only to them end up in the hands of spammers.

Dear Seth,

As was told, the search engine implements P3P, like Google implements
a search only within works available under a Creative Commons
license. I am still responsible for P3P @ W3C.

Now once the site published the P3P Policy, it is bound by it. In
fact, P3P renders data usages public. Opaque data collection
practices, browser chatter, cookies, beacons, all have to be declared
and the use of that data has to be explained. P3P opens the former
black box of hidden data collection. This led to many corrections
already as watchdogs will look at the P3P Policy and will find the
leaks and lies. The resulting public pressure and interest from
regulators is more than enough as a threat or sanction. A scandal is
much more expensive/damaging than the usual administrative fines in
normal privacy cases. (We have examples, e.g. a US government drug
addiction site using a tracking cookie despite a privacy policy
claiming the contrary.)

The hard enforcement of adhering to the published intentions is a
social issue. Again, experience was that those making policies to
make some browser implementations happy feared the public blame so
much that when they were caught, they corrected either the policy or
the behavior or abandoned P3P.

If we want to go into technical enforcement, there was already a lot
of research to enforce those policies including a full-fledged system
to recall information by HP Labs in Bristol (Siani Pearson) by
implementing a chain of trust using the Trusted Computing Group's
technologies. There is still research going on. Please look at the
PRIME project: https://www.prime-project.eu/ that has sticky policies
that travel with the data record etc. A search engine like Privacy
Finder is an ideal complement as it renders more visible those who do
the right thing.

BTW, P3P tools are very good at discovering web beacons and other
tracking techniques. But they won't block automatically. It is
entirely on the user-side tools to have their blocking behavior tied
to P3P Policies. P3P tools are also very good at distinguishing
interoperably between good and bad cookies. As you know, a stateful
web needs cookies. Blocking them all isn't really an option. With the
Web 2.0 paradigm we see even more scripts and things collecting data
from the user. One can see already with recurrent small-scale
scandals that a tool that makes data collection more visible AND
comprehensible is not a "has been".

Best,

Rigo Wenning
W3C Privacy Activity Lead

