Abstract
The Platform for Privacy Preferences (P3P), developed by the W3C, is a
major effort to improve online privacy. It provides a language for
websites to encode their data-collection and data-use practices in a
machine-readable form. The W3C also designed a P3P preference language,
APPEL, to allow users to specify their privacy preferences. Although P3P
has received broad attention, adoption has been slow. A key reason for
this slow adoption is the lack of a formal semantics. Without a formal
semantics, a P3P policy may be semantically inconsistent and may be
interpreted and represented differently by different user agents.
Additionally, APPEL is both complex and error-prone.
In this paper, we redress these problems by adopting a semantics-based
approach. We propose a relational formal semantics for P3P policies,
which precisely models the relationships between the different components of
P3P statements (i.e., purposes, recipients and retentions) during online
information collection. Based on this semantics, we present SemPref, a
simple, efficient and expressive semantics-based preference language.
Unlike previously proposed preference languages, SemPref queries the
meaning of a privacy policy rather than its syntactical representation.
The proposed formal semantics and preference language are an important
step towards improving P3P and making it more comprehensible to
enterprises and individual users, and ultimately accelerating the
large-scale adoption of P3P across the Internet.
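As an added illustration (not the paper's own formalism and not SemPref syntax), the Python below models a P3P policy as a relation of (data, purpose, recipient, retention) tuples, so that a preference is evaluated against what the policy means rather than how its statements are laid out; the tuple model, the wildcard preference format and the retention-conflict check are assumptions of this example.

```python
# Added example: a relational view of P3P statements.
# Assumed model: each statement lists data elements, purposes, recipients
# and one retention; the policy's meaning is the set of all tuples it induces.
from itertools import product


def policy_relation(statements):
    """Flatten statements into a frozenset of (data, purpose, recipient, retention)."""
    rel = set()
    for st in statements:
        for data, purpose, recipient in product(st["data"], st["purposes"], st["recipients"]):
            rel.add((data, purpose, recipient, st["retention"]))
    return frozenset(rel)


def violates(relation, forbidden):
    """A preference is a set of forbidden tuple patterns; '*' matches any value.
    Returns the tuples of the relation that the preference rejects."""
    def match(tup, pat):
        return all(p == "*" or p == v for v, p in zip(tup, pat))
    return {t for t in relation for pat in forbidden if match(t, pat)}


def same_meaning(policy_a, policy_b):
    """Two policies are equivalent when they induce the same relation."""
    return policy_relation(policy_a) == policy_relation(policy_b)


def conflicting_retentions(relation):
    """Assumed notion of inconsistency: one (data, purpose, recipient) triple
    carrying two different retentions. Returns the offending triples."""
    seen = {}
    for data, purpose, recipient, retention in relation:
        seen.setdefault((data, purpose, recipient), set()).add(retention)
    return {k: v for k, v in seen.items() if len(v) > 1}


# Constructed sample policies using P3P vocabulary (postal address data,
# purposes "current"/"contact", recipient "ours", retention "stated-purpose").
POSTAL = "#user.home-info.postal"
POLICY_A = [  # one statement with two purposes
    {"data": [POSTAL], "purposes": ["current", "contact"],
     "recipients": ["ours"], "retention": "stated-purpose"}]
POLICY_B = [  # same meaning, split into two statements
    {"data": [POSTAL], "purposes": ["current"], "recipients": ["ours"], "retention": "stated-purpose"},
    {"data": [POSTAL], "purposes": ["contact"], "recipients": ["ours"], "retention": "stated-purpose"}]
POLICY_C = [  # constructed: contact-purpose use restated with a different retention
    {"data": [POSTAL], "purposes": ["contact"], "recipients": ["ours"], "retention": "indefinitely"}]

# Constructed preference: never allow postal data for the "contact" purpose.
PREF = {(POSTAL, "contact", "*", "*")}
```

Because `violates` reads the induced relation, POLICY_A and POLICY_B receive the same verdict even though their statement structure differs, which is the distinction the abstract draws between querying meaning and querying syntax.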