12:52 PM
Connect Directly

Microsoft Adopts P3P In Internet Explorer 6.0

Web-site operators and users may be in for a surprise when Microsoft's Internet Explorer 6.0 browser is released Oct. 25. That's because users may be confronted with privacy warnings displayed by the browser, and some Web sites may receive complaints from those users.

The warnings are the result of Microsoft's implementation of the Platform for Privacy Preferences. P3P is a World Wide Web Consortium standard that lets Web sites display their privacy policies so that users can decide how much personal data they want to reveal to the site.

For users, the default privacy settings in Internet Explorer 6.0 will block all third-party cookies. Cookies are bits of data that Web sites use to store information on a user's computer such as a logon name and password so users don't have to enter that data each time they visit the site. Cookies can also track users' behavior, such as the sites they visit and products they buy.

Third-party cookies come from Web sites other than the site the user is browsing. Typically, ad banners are the most common source of third-party cookies. Internet Explorer 6.0 will display a warning dialog box and an icon in the browser status bar the first time a user encounters a non-P3P-compliant site that attempts to store third-party cookies on the user's machine.

"Customers were telling us they were concerned about the collection of personal data on the Web," says Michael Wallent, Microsoft IE 6.0 product manager. "Web sites build profiles of surfers based on all the Web sites they browse via third-party cookies," he says.

Internet Explorer 6.0's P3P privacy policy summaries may be too complex for some users.
While IE 6.0 users may like the fact that ad-banner vendors such as DoubleClick Inc. won't be able to covertly track them, Microsoft has spent a lot of energy preparing ad-banner vendors for the IE 6.0 release so that third-party cookies will work. "We've been actively engaged with them over the past 18 months," Wallent says, "to ensure we have features in IE 6.0 that protect consumers' privacy, but at the same time don't destroy the business model of the Web."

Web sites that haven't deployed P3P yet and rely on cookies to track users may encounter difficulties with IE 6.0 users. If users raise their IE 6.0 privacy settings above the default level, sites that haven't deployed P3P will have their cookies blocked. "The goal of our team is to have 50% of the top 100 Web sites deploy P3P policies by IE 6.0's launch, and 90% by the end of the year," Wallent says.

Web sites that don't use cookies won't be affected if they haven't deployed P3P. That's because Microsoft has chosen to focus on cookie management as the primary role of P3P in the IE 6.0 browser. But some sites might use forms or other mechanisms to transmit personal data, says Lorrie Cranor, chair of the P3P specification working group at the World Wide Web Consortium and a researcher at AT&T Labs.

That's why Cranor is working on an ActiveX Control for Internet Explorer that will offer more comprehensive P3P reporting than IE 6.0. The ActiveX Control will look at personal data sent via forms. Among other things, it will put an icon at the top of the browser window that will change to indicate whether a site is P3P-enabled and, if it is, whether or not it matches the user's preferences.

For information about Microsoft's P3P initiatives, go to the company's P3P Privacy Statement Generator Web site, wizard.

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A UBM Tech Radio episode on the changing economics of Flash storage used in data tiering -- sponsored by Dell.
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.