Researchers: Promises Fall Short in Compact Policies
ONLINE PRIVACYSeptember 14, 2010
The longtime tenets of know-say-do have been incorporated into the development of many privacy policies. According to the findings of a recent Carnegie Mellon University study, when it comes to the compact policies (CPs) created for the Platform for Privacy Preferences (P3P) protocol, industry may be falling short of doing what it says it is doing. Researchers from CMU's CyLab analyzed the CPs of more than 33,000 Web sites, finding errors in one-third of them. "Our work identifies potentially misleading practices by Web administrators, as well as common accidental mistakes," the researchers write in the report's abstract. "It appears that large numbers of Web sites that use CPs are misrepresenting their privacy practices..." The CyLab project is one of the first major studies to call out significant noncompliance with P3P standards.