Implementing Machine Readable Privacy Requirements of the E-Gov Act of 2002 (Server Admin)
U.S. Department of Commerce
Web Advisory Group
http://www.osec.doc.gov/webresources/
Objectives of This Training
What is meant by “machine readable technology”?
The E-Gov Requirements
Isn’t the Text Version Enough?
How Does P3P Work?
The Policy Reference File (XML Version) Machine Readable Format
Example Policy Reference File
The location of the policy reference file can be indicated using one of the following:
Policy Reference File
Policy Reference File Tools
Free editor tools
APPEL (A P3P Preference Exchange Language) – A P3P Option
An Optional Part of P3P is the Compact Policy
Sample CP – NOI NID ADMa OUR LEG DSP COR
the Optional Compact Policy
- Server Configuration -
Server Implementation of the Optional CP
Included in Server HTTP Header
Optional Web Page Implementation of CP
Use of Optional Compact Policies on Web Pages
If you choose to implement a CP on a per page basis, you can set the CP using one of the following methods, depending on the technologies employed by your servers.
How Users Are Notified E-Gov Act of 2002
Web Browser Alerts
Web visitors who want to take advantage of P3P-enabled sites have to set their personal privacy preferences in their web browser.
Browser implementation of P3P is concerned with the issue of cookies.
When the browser encounters a cookie from a web page that either does not have a compact P3P policy, or that has a P3P policy that does not match the user’s privacy preferences, the user is alerted via icons.
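A check a server administrator could run on a response's headers to see whether a cookie would trigger the alert described above, and what each token in the sample CP (NOI NID ADMa OUR LEG DSP COR) declares. This is an added example, not part of the original training: the `P3P: CP="..."` header form and the token meanings follow the W3C P3P 1.0 specification, while the `rejected` preference set and the sample headers are constructed assumptions, since real browsers apply their own matching rules.

```python
import re

# Meanings of the tokens in the page's sample CP, per the W3C P3P 1.0 spec.
CP_TOKENS = {
    "NOI": "access: no identified data is collected",
    "NID": "non-identifiable: data collected does not identify the user",
    "ADM": "purpose: web site and system administration",
    "OUR": "recipient: ourselves and agents acting for us",
    "LEG": "retention: as required by law",
    "DSP": "disputes: the policy has a DISPUTES section",
    "COR": "remedies: errors will be corrected",
}
SUFFIX = {"a": "always", "i": "opt-in", "o": "opt-out"}


def parse_compact_policy(p3p_header):
    """Return the CP tokens found in a P3P header value, or [] if there is no CP."""
    m = re.search(r'\bCP\s*=\s*"([^"]*)"', p3p_header or "", re.IGNORECASE)
    return m.group(1).split() if m else []


def describe(token):
    """Expand one token, e.g. 'ADMa' -> purpose text plus its 'always' suffix."""
    base, suffix = token[:3], token[3:]
    text = CP_TOKENS.get(base, "token not in this example's table")
    return f"{token}: {text}" + (f" ({SUFFIX[suffix]})" if suffix in SUFFIX else "")


def cookie_alert(headers, rejected=frozenset()):
    """Return the reason a browser would alert the user, or None.

    headers  -- list of (name, value) pairs from one HTTP response
    rejected -- hypothetical user preference: 3-letter tokens the user refuses
    """
    by_name = {name.lower(): value for name, value in headers}
    if "set-cookie" not in by_name:
        return None                      # no cookie, nothing to evaluate
    tokens = parse_compact_policy(by_name.get("p3p"))
    if not tokens:
        return "cookie set without a compact policy"
    clash = sorted(t for t in tokens if t[:3] in rejected)
    if clash:
        return "compact policy conflicts with preferences: " + " ".join(clash)
    return None


if __name__ == "__main__":
    # Constructed sample response using the page's sample CP.
    sample = [("Set-Cookie", "sid=abc123"),
              ("P3P", 'CP="NOI NID ADMa OUR LEG DSP COR"')]
    print(cookie_alert(sample), *map(describe, parse_compact_policy(sample[1][1])), sep="\n")
```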
To Assist DOC Web Developers