1 / 10

Summary of Intel’s P3P Implementation

Summary of Intel’s P3P Implementation. James M. White Consumer e-Commerce Program Manager Intel Corporation. Privacy Enhancing Technologies (PETs). Preemptive National Privacy Legislation. Self-Regulation. Education. How P3P fits with Intel’s privacy strategy. P3P Anonymizers

kinsey
Download Presentation

Summary of Intel’s P3P Implementation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Summary of Intel’s P3P Implementation James M. White Consumer e-Commerce Program Manager Intel Corporation

  2. Privacy Enhancing Technologies (PETs) Preemptive National Privacy Legislation Self-Regulation Education How P3P fits with Intel’s privacy strategy P3P Anonymizers Secure e-mail Mandates notice and choice Offers alternative consumer paths for questions, issues, and remedies Businessesand consumerslearn about laws, choices, and technologies

  3. Identify initial P3P deployment target(s) • Intel has diverse Web environment with a large number of servers • We selected Web presence with most relevant impact and manageable deployment cycle • Shop IntelSM selected as first target • Reaches consumer audience • Collects significant personal information from customers

  4. Interpret corporate policy in P3P context • Determined how plain text policy maps to P3P specification • Reviewed P3P elements carefully • Determined content to capture in • Full policy • Compact policy • This was Intel’s “heavy lifting” for the initial deployment

  5. Single P3P policy Advantages Easy to implement Easy to maintain Disadvantage May over- or under-position information collected for a given location on your site Multiple P3P policies Advantages Gives customers policy related to personal information on specific pages Disadvantages Requires translation of written policy at lower levels More difficult to deploy and maintain, especially with multiple servers and Web authors Choose a path: Single site-wide policy or multiple policies Intel’spath

  6. Create policy content • One non-technical person created policy content in “spare” time • Used tools available from IBM and Microsoft to author XML and Compact Policy string • Initial content authoring of a few hours, then a few more hours of review and tweaking

  7. Review and test • Reviewed and cross-checked policy selections from legal perspective • Deployed initial policy on test servers • Checked for stability/reliability • Tested with Micrsoft* IE6 Beta

  8. Deploy • Made compact policy addition to http headers on front-end servers • Deployed final XML policy in specified “well-known location” (/w3c/p3p.xml) • We’ve been running smoothly ever since

  9. Current P3P status for Intel • Corporate site P3P implementation owner identified • Ratifying P3P test, deployment, and ongoing maintenance process • Preparing to deploy P3P throughout Intel.com

  10. Summary • P3P is one piece of Intel’s privacy strategy • Most time spent interpreting existing policy in P3P context • Deployment was simple with single-policy path • Performance impact negligible • See it in action at www.intel.com/shop

More Related