Jon Lebkowsky ha scritto:
"
type="cite">P3P obviously wasn't that, but it was thinking in that
direction. (I use the past tense, but it sounds like there's life in
the project?)
~ Jon
On Sun, Jun 27, 2010 at 12:16 PM, TJ
McDonald <
">
>
wrote:
As Doc
said, I don’t want to be
told, I want to tell and have it universally accepted.
Something about the evolution of P3P to help the pull strategy, in the
direction of the VRM vision, thanks to the recently POWDER standard
[0]: we can talk in an universal form about our resources...
POWDER definition:
POWDER — the Protocol for Web Description Resources —
provides a mechanism to describe and discover Web resources and helps
the users to make a decision whether a given resource is of interest.
There are a variety of use cases: from providing a better means to
describing Web resources and creating trustmarks to aiding content
discovery, child protection and Semantic Web searches.
Something around this stuff:
-> http://www.w3.org/2009/07/01-swxg-minutes.html
[...]
hhalpin: unclarity of privacy policy phrasing
<hhalpin> harry: can we cluster privacy practices?
Soren: it was hard to distinguish clusters
<hhalpin> harry: due to privacy policy?
Soren: it's hard to see prevalent practices
Joseph: we might try to diff the privacy texts, to see the %age of
wording reuse
<hhalpin> And POWDER?
<hhalpin> P3P hasn't taken off.
<FabGandon> beleives Lorry Cranor did a lot on that subject
indeed when working on P3P
Soren: P3P was designed to communicate privacy policies, but less than
10% of the sites implement P3P
... and some are doing it wrong
harry: is it doable to present a human-readable privacy policy?
Soren: several projects going this way
<AndreaP> POWDER might be good if you would like to state which
are the privacy policies adopted by a given set of resources.
Soren: it's worth investigating
... also somewhere where W3C could step in
Harry: I'm interested in links to these projects?
Soren: I will try to put something together
<tinkster> Perhaps a cut-down dialect of P3P in RDFa might
increase update? I think danbri was looking at something like that.
harry: Can we use some of your results in the XG?
Soren: yes, publicly available
<hhalpin> that was a pretty hacky list :)
Mischa: .... list of SN
<hhalpin> should blogging be under social networking?
Joseph: we did look at some of the ones you have on your list
<tinkster> danbri, while you were gone I said: Perhaps a cut-down
dialect of P3P in RDFa might increase update? I think danbri was
looking at something like that.
<hhalpin> soren: youtube, blogger, take off
Joseph: youtube not really a SN
... friends' communication is limited
harry: whatever has a friends list could be a SNS
<hhalpin> soren: Gmail is pretty huge social network
<hhalpin> mischa: gmail using facebook connect
Mischa: there's a connect between facebook and gmail
Joseph: 2 ideas in textual analysis of policies
... identify reuse of boilerplate text
... difficulty to read
... it might also be interesting to identify relevant dimensions of a
privacy policy
... and see how they differ
<melvster> in the uk i believe they have to give you all the data
they have on you, but you need to pay a small fee
Joseph: for some observations you need a real account
harry: the study is very educational
... interested in discussion on the mailing list
<tinkster> melvster, organisations have the right to charge a
£10 fee for gathering, printing and sending your data, but many will
waive that.
<hhalpin> Call adjourned
Promoting explicit declarations of privacy and usage about resources
help the overall system.
More structure, more possibilities...
About our sites, and our way to dial with vendors.
As Pembleton said some days ago:
-> http://vimeo.com/12691193
And on the way of the UMA development:
->
http://kantarainitiative.org/pipermail/wg-uma/2009-December/000310.html
You mention it as a possible vector for user wishlists
(what the VRM crowd might call "personal RFPs"). That's an interesting
possibility. If this info is public, it could be made available at an
unprotected resource. If not, it could perhaps be UMA-protected...?
Here's another idea, just sort of riffing...
If businesses are already starting to use this to make their offerings
accessible in a machine-readable way, that's a good sign that the
barrier to deployment by "potential UMA requesters" is low. And maybe
if things like privacy policies of a business are considered useful
"competitive information" to list (hey, if opening hours are listed,
why not this?), maybe it's an opening for the P3P-based (or similar)
ontologies as well. And then it's perhaps a shorter leap to imagine
our terms negotiation use cases actually working.
Helping a four party to promote this stuff can move all the actors on
the VRM view of the Market...
I lean toward "fourth party" as a label, because the first,
second and third are already taken. But I have reservations. I'm my own
first person, my own first party. Relative to me, the second party is
the seller.
But I'd rather not try to change everything at once. "Fourth party", as
a classification for user-driven services, sounds like a pretty cool
new category, and a place where a vast new marketplace can open up,
serving customers first. For real this time.
From
http://www.linuxjournal.com/content/get-ready-fourth-party-services
Matt
[0] - http://www.w3.org/TR/powder-primer/
"
type="cite">
On Sun, Jun 27, 2010 at 4:51 AM, Matteo
Brunati <
" target="_blank">
>
wrote:
I'm in contact with Massimo Marchiori, the editor of the P3P W3C
Standard. [1],
to make something that not reivent the whell.
Pleased to see the reference to P3P. For those on the list who don't
know
what P3P (Platform for Privacay Preferences) is about and why it's a
wheel we
should avoid reinventing, it's worthwhile to follow Matteo's link [1]
and read
for a while. Here's a piece:
P3P
version 1.0 is a protocol designed to inform Web users of the
data-collection
practices of Web sites. It provides a way for a Web site to encode its
data-collection and data-use practices in a machine-readable XML format
known
as a P3P policy.
The P3P
specification defines:
- A standard schema for data a Web site may
wish to collect, known as the "P3P base data schema"
- A standard set of uses, recipients, data
categories, and other privacy disclosures
- An XML format for expressing a privacy policy
- A means of associating privacy policies with
Web pages or sites, and cookies
- A mechanism for transporting P3P policies
over HTTP
The goal
of P3P version 1.0 is twofold. First, it allows Web sites to present
their
data-collection practices in a standardized, machine-readable,
easy-to-locate
manner. Second, it enables Web users to understand what data will be
collected
by sites they visit, how that data will be used, and what data/uses
they may
"opt-out" of or "opt-in" to.
~ Jon
--
Jon Lebkowsky
+1 512.762-6547
website: http://weblogsky.com
twitter: http://twitter.com/jonl
facebook: http://facebook.com/jonlebkowsky
linkedin: http://linkedin.com/jonlebkowsky
|