The Platform for Privacy Preferences Protocol (P3P
) is a W3C specification
for a web site
into a machine readable
format. This XML
file can then be parsed by the end user
's browser agent
, which has been preprogrammed
with the user's privacy preferences
, and may take actions
based on these preferences.
As an enduser, Alice goes to www.connect.example.com. Her browser fetches the P3P policy file for the root area, which tells her agent that the only data collected is normal webserver logs. A few clicks later, Alice reaches the members section, where logon IDs are user's email addresses. Her browser agent has fetched the relevant policy file, and, as programmed by Alice, warns her of the about to be requested email address, and the purpose, as specified in the policy file, "to maintain a userbase, and allow targeted membership mailings."
Alice chooses to enter, and later decides to buy a membership. Again, her browser agent has fetched the relevant policy, and warns her that her name, address, telephone number, and credit card will all be collected, for the company sales list.
The W3C deferred including a data transfer specification in P3P 1.0, to allow the 1.0 specification to be published in a reasonable timeframe.