SSL Privacy Seal Program

P3P Online Privacy Information

Online Privacy Protection

About Personal Information Collection


P3P Information

About The P3P Privacy Initiative


P3P And Online Privacy Protection

Online Privacy Protection And P3P Links

Online Privacy Protection And P3P Resource Links from Guardian eCommerce >>


Online Privacy Protection

Personal Information Collection

Why is there personal information collection on the Internet, and how is it used?

There will be times when you must provide personally identifiable data over the Internet. If you are engaging in a transaction such as an online purchase from an online retailer, you may have to give your address, so that the item can be delivered, and then your name and a credit card number, so that the seller can receive payment. If you are signing up to receive an online newsletter by e-mail, for example, then your e-mail address has to be given. But there are many other times when you are asked for personal information over the Net. If that personal information data isn't essential for the delivery of a product then it is most likely being used for the purposes of marketing. For example, sites will offer some features only for 'members' who sign up for a free account on their system. This allows them to track return visits and to link page views with a single user. Over time they may also gather some personal information on demographics and preferences. Some of this marketing may relate to you personally (i.e. you may receive targeting mailings from the company behind the Web site), and some of it may not. Web sites that carry advertisements almost always need some demographic information to inform advertisers about their audience. This can be produced in aggregate form in a way that does not reveal personal information about individuals. Whether it could be linked back to you is hard to predict, as discussed in the What is personally identifiable information? section below.


What is online privacy protection or personal information privacy?

Online privacy protection or personal information privacy used to mean those areas of privacy relating to personal information about you. It distinguishes this from other privacy concerns such as spying, wiretapping, eaves-dropping, etc. Data privacy or personal information privacy relates to the use of your name, address, phone number, bank records, medical records, and other personal information pertinent to online privacy protection.


How do people get personal information about me?

Your personal information can be gathered from a wide variety of transactions and activities. Each use of your credit card becomes a recorded transaction for the company or online store you purchased from. Phone calls to 800 numbers reveal the phone number you are calling from (even if you have caller ID blocked). Forms and warranty cards that you return to companies often ask for additional personal information about your buying habits and demographics. If you are a registered vote, own a home or a business, your name and address are in public records. Unless you lead a nearly invisible-like existence, your name and address are in a large number of customer lists and other databases.

The sum of these individual bits of personal information data, some of which you have revealed consciously and others that are inherent in transactions, can create a fairly detailed profile of you. Computer techniques called 'data mining' make it possible to put together personal information from different sources. In this way, personal data about you that was gathered by different people at different times can be combined creating a profile that is much more revealing than any of the individual parts. When you give a small piece of personal information about yourself during a transaction, you are unaware of the other personally identifiable data that company may have access to. This makes it very hard for you to know the effect of any one piece of personal information.


Why should I worry about what personal information is collected about me?

Many personal information uses are annoying, but usually not dangerous: it leads to an increase in junk mail and telemarketing calls. Sometimes it can even be amusing, other times it can be heart-wrenching, as in the case of parents who have tragically lost a newborn child but find themselves on mailing lists for new parents. The increase in personal information gathering, however, increases the risk of data-related crimes like credit card fraud and identity theft. The reliance on data banks of personal information for credit ratings means that data errors have the potential to greatly disrupt the lives of innocent persons. It also provides opportunities for scam artists who base their 'cons' on detailed personal information about their victims. The more personal information that there is about us in databanks over which we have no control, the more opportunity there is for this data to be used in ways that causes online privacy protection problems for us. Guardian eCommerce provides a consumer alert page to protect people from such consumer scams.


Isn't personal information privacy the default?

Only in some situations. The P3P privacy preference model is commonly used to describe the options that consumers have in the commercial marketplace, in terms of online privacy protection rights. With most consumer actions in North America as a whole, giving your personal information, like name and address, to a company is an implicit agreement that they can use that data unless you specifically 'opt out' by stating that you do not want to receive mailings, phone calls, etc. In other situations, such as our interactions with medical and legal professionals, online privacy protection rights are assumed to be the default and our personal information can only be revealed to others under specific circumstances.


Don't I have a right to online privacy protection?

There is no right to privacy or online privacy protection similar to the right to free speech. Privacy (or even online privacy protection for that matter) isn't mentioned in the constitution (and surely was not an issue at the time that the founders were considering basic rights.) There have been some important court decisions that maintain a basic right to privacy or privacy protection, but other court decisions come to the opposite conclusion, as in those that assign to the banks the ownership of your bank account personal information. Citizens should inquire about personal information privacy legislation, right to privacy, and online privacy protection in their state or province, since most privacy legislation is often governed by the state/province as opposed to the federal government level. Some countries do specify a right to privacy and privacy protection in their constitutions and laws. Generally, most North Americans can expect no right to privacy or online privacy protection, for the time being.

(Back To Top)


P3P Information

P3P And The P3P Privacy Initiative

What is P3P or the P3P privacy initiative?

P3P is the "Platform for Privacy Preferences," a new Internet protocol being developed by the World Wide Web Consortium (W3C). Protocols are the rules which the W3C form, around which Internet software is developed. This means that the P3P functions will be implemented as part of the functioning of the World Wide Web, and most likely P3P will be integrated into Web browsers like Netscape and Internet Explorer. P3P privacy defines a standard way that the privacy practices of Web sites can be defined and that a consumer's personal information can be requested.


What are privacy preferences? Is this the same as online privacy protection?

No, online privacy protection and privacy preferences are very different concepts. Most people consider online privacy protection to mean that others, especially strangers, do not have access to information about you. In the P3P privacy preferences model, your personal information is not entirely private considering many transactions often consist of an exchange of personal information for goods and services. Engaging in that exchange is an exercise of ones' privacy preferences. So if you sign up for an online information service, such as a daily newspaper, you might be exchanging information about who you are (your email address and some demographic information) and your reading habits for the access to those newspaper articles.


What is the problem P3P privacy is supposed to solve?

An article by the W3C and the developers of P3P privacy states: 'Many online privacy protection concerns arise because it is difficult for users to obtain information about actual Web site's personal information collection practices. Thus, there is often a one-way mirror effect: Web sites ask users to provide personal information, but users have little knowledge about how their information will be used.' P3P privacy protocol is not designed to eliminate or reduce the exchange of personal information data, but to give the Internet user a way to exercise some discretion over the exchange of that personal information data based on the stated data gathering and use policies of that Web site.

(Back To Top)


Will P3P give me more online privacy protection when I use the Internet?

No, P3P will not provide more online privacy protection. P3P will allow you to exercise personal information preferences only. P3P does not make your Internet use more private than it is today, although you may be better informed about what personal information is being collected and why with P3P.


Are online privacy protection practices really the problem?

It is known that consumers are concerned about online privacy protection using the Internet, an obstacle in the development of electronic commerce (e-commerce). When polled, many Internet users indicate that they do not purchase items over the Internet because of online privacy protection fears. If successful, P3P would help users overcome these online privacy protection fears and therefore increase the number of consumers using the Internet for online purchases.

Privacy practices is only one factor in the relationship between customers and Web sites. Consumers develop trust relationships with companies, whether they are home-town stores, national chains, or catalog retailers based on the company's reputation and the customer's previous experience, not with their privacy protection practices. Many people do mail-order shopping even though they know that the companies they are dealing with sell their address to other mail-order companies. P3P seems to be designed for situations in which that trust relationship does not yet exist. However, what isn't clear with P3P is whether knowing how the personal information will be used will resolve this conflict.


How will P3P work?

The first implementations of P3P platform for privacy preferences have not yet been released publicly, so Guardian eCommerce does not have details about how it will look to Internet users. But Guardian eCommerce knows that P3P privacy will be incorporated into Internet browsers like Netscape and Internet Explorer, and perhaps will be used in other Internet software. The P3P privacy protocol does state that the software must install with the maximum privacy as the default. Users will provide their personal information (name, address, etc.), probably in a form, and will indicate their privacy preferences. When the user surfs to a Web site that uses P3P privacy, the data request of the Web site will be compared to the user's personal preferences. If they match, the requested data will either be transmitted to the Web site or the user will be asked to fill a form with the information. Guardian eCommerce will update this page, as more P3P privacy information becomes available from W3C.

(Back To Top)


What will I see on my screen when personal information is requested?

This depends on how W3C implements P3P, and how P3P will be integrated into browsers. There are W3C provisions in P3P for the Web site to provide plain language explanations of its request for personal information, or to promote the service it is offering in exchange for the personally identifiable information. This may look very similar to the statements in Web site privacy practices that can be seen on the Internet today. Because this part of P3P will be written by the Web sites, and P3P isn't used yet, Guardian eCommerce does not know what kind of privacy practice will be developed through P3P.


Will I know when my personal information is transmitted to a Web site? How will I know what personal information the Web site is actually getting?

The current version of P3P does not state anything about how the personal information is transferred from the user to the requesting Web site once the negotiation regarding privacy practices is completed. It should be technically possible for the personal information to be exchanged automatically and without specifically informing the user about which personally identifiable data elements were received, but hopefully users will have the option to always be notified before any personal information is transmitted.


What personal information can be revealed about me through P3P?

The required personal information elements in P3P are: Name, Birthdate, Gender, Employer, Department, Job title, Home address, Business address, Bill to address, and Ship to address.

P3P can also carry any number of optional personal information elements, including (taken from P3P documentation):

  • Physical Contact Information - i.e. phone number or address.
  • Online Contact Information - i.e. email.
  • Unique Identifiers - i.e. SSN or Web site IDs.
  • Financial Account Identifiers - i.e. bank account number.
  • Demographic and Socio-economic Data - i.e. gender, age, and income.
  • Preference Data - i.e. likes and dislikes such as favorite color.

Note a Social Security Number (or Social Insurance Number) is given as an example of an unique identifier even though it can legally only be used for certain income-related activities (see Links section for more information on protecting your SSN or SIN.)

(Back To Top)


What personally identifiable information or data do I get in return about the Web site?

The Web site must identify itself, (although it appears that this can be as little as its Web address) and specify its privacy practices in relation to the personally identifiable data being requested.


How are privacy practices defined in P3P?

P3P privacy practices are defined in 6 codes. These are: Completion and Support of Current Activity, Web Site and System Administration, Customization of Site to Individuals, Research and Development, Contacting Visitors for Marketing of Services or Products, Other Uses.

Individually, these codes leave a lot of questions unanswered. To begin with, how is 'support of the current activity' defined? And while many users will understand 'contacting visitors for marketing' they probably will not expect that 'research and development' in P3P includes the gathering of visitor personal information for marketing purposes (like getting demographic data, etc.). 'Customization' can include such features as greeting you by name ('Welcome, John Smith') or showing you a message on your birthday. Each of these codes can cover a wide range of activities in P3P. For example, a user might wish to participate in a product review for the purposes of research and development but not for the marketing aspect which is included in that category.

There are two other P3P codes that relate to how the personal information will be used. The first is whether the personal information gathered will be used in a personally identifiable way (see What is Personally Identifiable Data? below). If this is coded 'no' it does not mean that the personal information does not identify you as an individual; this has to do with how the data is being used by the Web site. The other code tells you whether your personal information will be shared with other companies or institutions. The most restrictive level of this code is 'only ourselves and our agents'.


What problems doesn't P3P privacy solve?

P3P actually covers only a very specific part of online privacy protection and interaction: the transmittal of privacy practices to a user, and the comparison of these to the user's preferences. P3P does not increase online privacy protection, ensure right to privacy, nor increase the security of Internet transactions. P3P does not make it safe to send credit card numbers over the Net. P3P doesn't provide consumers with online privacy protection from Internet eaves-droppers that steal passwords and consumer data as it travels over the network. Security must be provided by other software such as the Web browser. P3P does not provide any enforcement of P3P privacy practices that are promised by the Web sites, nor does P3P give individuals any information about the trustworthiness of the site they are visiting. P3P does not address whether personal information gathered on the Net will be combined with personal information gathered elsewhere to create a more detailed profile of the user. P3P does not reduce the amount of personal information data that is gathered from Internet users and it is not intended to do so.


What if I give false personal information?

There is no way for Web sites to know if the personal information that you provide is false. However, if the P3P privacy platform becomes widely used for online transactions some personal information elements (like your name, address and credit card number) must be valid for the transaction to take place. Users may also be encouraged to provide accurate personal information if the P3P data is incorporated into the personalization of sites (i.e., sites providing age-appropriate information).

(Back To Top)


How long can Web sites keep my personal information?

P3P does not address how long a site can store and use personal information. There is an optional data element in P3P that indicates whether or not the site discloses how long it intends to store the data, but only the element of disclosure (yes/no) is addressed, not the actual length of storage. Lengthy storage of data presents a number of problems. After many years, the personal information data may no longer be valid. Also, transformations of the company's computer systems over time may result in the separation of your personal data and the original agreement for its use. In general, the passage of time can be expected to cause some erosion of the privacy practices, and long after the consumer's relationship with the company or institution has ended.


What if I change my mind only after I have submitted personal information to a Web site?

There is no requirement that sites allow you access to your personal information once the immediate transaction is completed. Sites that do have this capability can indicate through P3P that they do have a change agreement which may or may not allow you to remove your personally identifiable data from their database.


What can I do if a Web site lies about their online privacy practices or misuses my personal information?

In the U.S. there are no laws that ensure: right to privacy, online privacy protection, or the prevention of personal information gathering and exchange, and personal information data privacy is being left to industry self-regulation. However, the Federal Trade Commission is concerned about business practices, and has explicitly stated that it will take action against Web sites that do not adhere to their own privacy statements. Some sites will join auditing services such as Truste, or BBBonline, or even Guardian eCommerce. Sites can display the logo of these services and list the auditing service in their P3P interaction only if they pass and maintain their auditing requirements. Users can notify the services if sites misuse personal data gathered over the Web and the sites risk losing the assurance of these trusted auditors. This auditing mechanism of a key element of self-regulation. Note, however, that these services cover only the gathering of data over the Web and do not assure that other privacy practices of those companies are within compliance.  However, Guardian eCommerce assures consumer online privacy protection.


How does P3P relate to non-commercial communication on the Internet (i.e. personal information research)?

The creators of the P3P or P3P privacy platform do not address the issue of non-commercial or non-financial online transactions. It is probably assumed that non-commercial sites will not use P3P. Many sites that provide information that Internet users use for personal reasons, however, are commercially based. Most of these sites are financed through advertising. The advertising model requires that they provide their advertisers with information about the site visitors who are viewing the ads. Although it is not conscious, when we sign up for "free" use of an information resource on the Web (i.e. to be able to access the back files of a newspaper) we are paying for the information resource with some amount of personal information or personally identifiable data about ourselves. This is a model in which P3P would fit quite well and wide-spread use of P3P could mean an increase in the use of our personally identifiable data as payment for online information.

(Back To Top)


What other models are being used on the Internet to encourage online privacy protection and consumer trust?

Other models for consumer trust exist on the Internet such as the "peer" reporting model of auction sites like eBay. In those environments the sale takes place between individuals who have no prior knowledge of each other. Buyers and sellers use pseudonymous "handles" and do not exchange any personally identifiable data until the actual purchase and exchange of goods must be made. At this point, however, only the personally identifiable data or personal information that is essential for the purchase is exchanged. The trust factor is handled through a comment system where anyone can comment on their experience with the seller or the buyer. So although the sellers' real identities are unknown, their reputations are very public. Because personally identifiable data is exchanged only when it is absolutely essential (and at a point where the buyer and seller can agree to finish the transaction over traditional media, like the telephone), the e-auction environment gives both buyers and sellers a high degree of privacy.


What is "personally identifiable" data or personally identifiable information?

This is personal information that can identify who you are as an individual. While you may feel that your name identifies you, in fact it is highly likely that there are others who share your name. For this reason, social Security Numbers are often requested of people because they are considered a single piece of personally identifiable data or personal information that identifies the individual, hence personally identifiable information or data. Because personal information can be stored for a long time, individual bits of information about a person that are not in themselves personally identifiable may eventually build up into a personally identifiable profile over time. It's very hard to say with certainty what personal information data is and isn't personally identifiable, which is why the P3P privacy protocol refers only to whether the personal data gathered is intended to be used in a personally identifiable way. However, since personally identifiable data may be stored for an indefinite length of time and combined with other personal information elements, there is no real assurance that it will not be used in a personally identifiable way in the future or under other circumstances.


Who is W3C?

The World Wide Web Consortium or W3C is the standards body that develops new functions and features for the World Wide Web, called "protocols". It was founded by Tim Berniers-Lee, the scientist who created the very first protocols that made the World Wide Web possible. It is based at MIT. The W3C is made up of over 300 member institutions including the major companies involved in the computer and Internet industries. New features of the World Wide Web are developed by the members of this consortium. The W3C is funded by its member corporations which pay a membership fee and provide technical staff to work on the standards.

Because W3C is a members-only organization, non-members do not have access to the protocols as they are developed except when drafts are posted publicly for comment. Guardian eCommerce will make revisions to this P3P privacy page at any time. Guardian eCommerce will update this P3P information page when W3C makes new P3P information available.

(Back To Top)


P3P And Online Privacy Protection

Resource And Information Links

Guardian eCommerce provides the following resource links for you to learn more about P3P, online privacy protection, and personal information collection:


Guardian eCommerce urges you to visit our online privacy protection information resource links page, filled with online privacy protection tips and online privacy protection resources. Visit the Guardian eCommerce Online Privacy Protection Resource Page, ideal for Web site operators and online consumers worldwide.