Citations (1)



Can User Agents Accurately Represent Privacy Policies?

Joel R. Reidenberg

Fordham University School of Law

Lorrie Faith Cranor

Carnegie Mellon University - School of Computer Science and Carnegie Institute of Technology

August 30, 2002

The Platform for Privacy Preferences (P3P) is a W3C specification that provides a standard computer-readable language for web sites to encode their privacy policies. This standardization allows for the creation of web browsers and other user agents that can display privacy warnings and signals that are meaningful to users or that automate actions in accordance with user instructions. This paper shows that P3P user agents will necessarily include judgmental design decisions and that the accuracy of the P3P user agent interactions becomes a critical matter. The accuracy of P3P user agents raises significant legal concerns about privacy agreements, inadvertent deception, and liability. The technological mediation designed to make it easier for users to understand the privacy practices of web sites risks adding ambiguity, confusion and legal uncertainty. This paper argues that one way to avoid having privacy practices represented inaccurately by P3P user agents is to certify P3P user agents for the accuracy of their representations of web site P3P policies. While there are some things that P3P user agents might do that would be readily identified as inaccurate or misleading, there is a large gray area in which user agents might present factual information side-by-side with subjective judgments. These judgments may be deemed misleading by some people but not others. Many of the issues raised here are new, but this is not likely to be the last time that these issues arise. As work progresses on computer-mediated search and negotiation technologies with a wide variety of applications, these issues are likely to surface repeatedly. In this paper we explore these issues and suggest some possible solutions, as well as a number of open questions.

Number of Pages in PDF File: 22

Keywords: Internet, privacy, P3P, user agent, web site, code, standardization, contract, misrepresentation, deception, negligence

JEL Classification: K10, K12, K13, K20, K30

Open PDF in Browser Download This Paper

Date posted: October 28, 2002 ; Last revised: May 15, 2014

Suggested Citation

Reidenberg, Joel R. and Cranor, Lorrie Faith, Can User Agents Accurately Represent Privacy Policies? (August 30, 2002). Available at SSRN: https://ssrn.com/abstract=328860 or http://dx.doi.org/10.2139/ssrn.328860

Contact Information

Joel R. Reidenberg (Contact Author)
Fordham University School of Law ( email )
140 West 62nd Street
New York, NY 10023
United States
212-636-6843 (Phone)
212-930-8833 (Fax)
HOME PAGE: http://faculty.fordham.edu/reidenberg
Lorrie Faith Cranor
Carnegie Mellon University - School of Computer Science and Carnegie Institute of Technology ( email )
5000 Forbes Avenue
Pittsburgh, PA 15213
United States
Feedback to SSRN

Paper statistics
Abstract Views: 2,232
Downloads: 249
Download Rank: 92,405
Citations:  1