Abstract
Purpose appears in all privacy guidelines, codes, policies, and legislations. It plays a central role in many privacy-related systems such as P3P, Hippocratic databases, EPAL, and XACML. We show that the P3P 12 standard purposes mix uses of personal information with acts on personal information and mix uses of personal information privacy with other states of affairs that have several interpretations. Some purposes are not even strongly privacy-related purposes. In this paper, P3P is singled out as the object of study; however, the implication applies similarly to other projects. We propose to use chains of information handling that let the user exercise more control on the use of his/her PI and allow the personal information gatherer to excise more control on the processing and accessing of information in its procession.
Please use the following format when citing this chapter: Al-Fedaghi, S., 2007, in IFIP International Federation for Information Processing, Volume 238, Trust Management, eds. Etalle, S., Marsh, S., (Boston: Springer), pp. 207–222.
Chapter PDF
References
Agrawal, R. Kiernan, J. Srikant, R. and Xu, Y. (2002). Hippocratic databases. In The 28th International Conference on Very Large Databases (VLDB), Hong Kong, China, August.
Al-Fedaghi, S. (2007). Beyond Purpose-Based Privacy Access Control. The 18th Australasian Database Conference, Ballarat, Australia, January 29th–2nd February.
Al-Fedaghi, S. (2006a). Anatomy of Personal Information Processing: Application to the EU Privacy Directive, Inter. Conf. on Business, Law and Technology (IBLT 2006), Copenhagen, December..
Al-Fedaghi, S. (2006b). Aspects of Personal Information Theory, 7th, The Seventh Annual IEEE Information Assurance Workshop (IEEE-IAW), West Point, NY: US Military Academy, June 20–23.
Al-Fedaghi, S. (2006c). Personal Information Model for P3P, W3C Workshop on Languages for Privacy Policy Negotiation and Semantics-Driven Enforcement, 17 and 18 October 2006, Ispra/Italy.
Al-Fedaghi, S. (2005). How to Calculate the Information Privacy, The Third Annual Conference on Privacy, Security and Trust, St. Andrews, New Brunswick, Canada.
Ashley P., Hada S., Karjoth G., Powers C., and Schunter, M. Enterprise Privacy Authorization Language, W3C Submission 10 November 2003. http://www.w3.org/Submission/EPAL/.
Byun, J. Bertino, E. and Li, N. (2005). Purpose Based Access Control of Complex Data for Privacy Protection, SACMAT’05, June 1–3, 2005, Stockholm, Sweden.
Cranor, L.F. Web Privacy with P3P, 2002, O’Reilly & Associateshttp://p3pbook.com/examples.html.
Cover, R. (Editor), Extensible Access Control Markup Language (XACML), October 10, 2006. http://xml.coverpages.org/xacml.html#v20CD.
EU Directive (1995). DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL, 24 October. http://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:EN:HTML.
Hogben, G. A technical analysis of problems with P3P v1.0 and possible solutions, “Future of P3P” workshop, Virginia, USA, 12–13 November, 2002. http://www.w3.org/2002/p3p-ws/pp/jrc.html.
OECD (1980). Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, http://www.oecd.Org/document/18/0,2340,en_2649_34255_l815186_1_1_1_1,00.html.
P3P (2002). The Platform for Privacy Preferences 1.0 (P3P1.0) Specification, The World Wide Web Consortium, April 16, 2002, http://www.w3.org/p3p/.
Thibadeau, R., A Critique of P3P: Privacy on the Web, Aug 23, 2000 (Postscript, April 20, 2004). http://dollar.ecom.cmu.edu/p3pcritique/#postscript.
W3C Working Draft 10, The Platform for Privacy Preferences 1.1 (P3P1.1) Specification, February 2006. http://www.w3.org/TR/P3P11/.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 International Federation for Information Processing
About this paper
Cite this paper
Al-Fedaghi, S. (2007). Dismantling the Twelve Privacy Purposes. In: Etalle, S., Marsh, S. (eds) Trust Management. IFIPTM 2007. IFIP International Federation for Information Processing, vol 238. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-73655-6_14
Download citation
DOI: https://doi.org/10.1007/978-0-387-73655-6_14
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-73654-9
Online ISBN: 978-0-387-73655-6
eBook Packages: Computer ScienceComputer Science (R0)