Prepared by Lorrie Cranor <email@example.com>
Here is the window users use to configure their privacy preferences. Users cannot use this tool until they select a setting.
After the user changes her preference settings, she sees a warning at the Microsoft site because the site may collect personally identifiable data for profiling.
Here are the symbols a user sees when they use the P3P-enabled Idcide Privacy Companion prototype.
Users can click on the P3P icon to find out where a site’s policy conflicts with their preferences.
Orby includes a Trust meter that analyzes a site’s P3P policy and evaluates it on a number of factors and computes a rating. Users can click on the Trust Meter to see the various factors that went into a particular rating.
Orby can also be configured to prompt users before accepting or receiving cookies. Users can enable and disable cookies on a site by site basis.
The Orby includes a drop-down menu from which users can select one of four privacy levels that are used to control when cookies are sent or users are prompted about cookies.
P3P policy generation is one of the services provided by PrivacyBot.com. PrivacyBot.com currently charges sites $30 to generate a human-readable policy and a P3P policy.
used like a staple to attach multiple parts of a form together
used to identify you when you return to a web site so you don’t have to remember a password
used to help web sites understand how people use them
Cookies can be harmful
used to profile users and track their activities without their knowledge , especially across web sites
YOU With cooperation from book store, ad company can get your name and address from book order and link them to your search Search engine Ad Search for medical information Book Store Ad Buy book Read cookie Set cookie
Pseudonymity tools quote.com nytimes.com expedia.com mfjh asef dsfdf Proxy Automatically generate user names, passwords, email addresses, etc. unique to each web site you visit username
iPrivacy private shipping labels CUSTOMER PC Public Identity Private Identity John Doe iPrivacy ABCDEF 1 MAIN ST 1 dQg85xP26 Kansas City, KS Kansas City, KS 11122 11122 Doe@ isp .com [email_address] WEB FORM Name : iPrivacy ABCDEF Address: : 1 dQg85xP26 City : Kansas City State : KS Zip : 11122 Email : ABCDEF @iPrivacy.com WEB e- Tailer Order Entry System Submit Credit Card If Authorized Ship Product Shipping Subsystem Input Private Identity Decode Address PRINT LABEL iPrivacy ABCDEF 1 MAIN ST Kansas City, KS 11122
Mixes [Chaum81] Sender routes message randomly through network of “Mixes”, using layered public-key encryption. Mix A Sender Destination Mix C Mix B B, k A C k B dest,msg k C C k B dest,msg k C dest,msg k C msg k X = encrypted with public key of Mix X
Four views provide features that include Cookie Management, P3P reader, automatic log-in, form-fill, quick access to top sites, search engines & comparison capabilities
Allows user to accept or reject cookies while surfing Cookie Watcher tells users when cookies are being dropped P3P Viewer alerts user to site with valid P3P policy; allows comparison to user’s privacy settings Pop-up Menu