Developing Online Privacy Standards: A View From the Trenches (Research Seminar, October 11th, 2001) Lorrie Faith Cranor At&T Laboratories Abstract: The World Wide Web Consortium's Platform for Privacy Preferences Project (P3P) has been designed to allow web sites to express their privacy practices in a standard machine-readable (XML) format. This has enabled the development of web browsers and other user agent tools that can automatically search for a site's privacy policy, interpret it, and take appropriate actions on a user's behalf (such as displaying symbols, generating prompts, enabling or disabling automatic form-filling, blocking cookies, etc.). Interest in P3P is growing. Microsoft has released their IE6 web browser with P3P capabilities, and web sites are starting to adopt P3P. How does P3P work? Why has it taken five years to develop P3P? Why is it not done yet? And just how did we get direct marketers and privacy advocates to agree on a privacy vocabulary? In this talk I will give an overview of P3P and how it works, and talk about some of the P3P software currently available, including a P3P browser plug-in that we've been developing at AT&T. I will also talk about how standards get developed within W3C and reflect on the five-year long process that has led to the development of P3P. Background Paper