Technology and Society

Book Reviews
What's New
Privacy & Individual Rights
Commerce, Security, & the Law
Net Culture, Art, & Literature
International Affairs & National Security
Ethics, Rhetoric, & Metaphysics
Science Fiction

Other Resources
Other Book Review Sites

Title: Web Privacy with P3P
Author: Lorrie Faith Cranor
Publisher: O'Reilly & Associates
Copyright: 2002
ISBN: 0596003714
Pages: 344
Price: $39.95
Rating: 89%
P3P stands for the Platform for Privacy Preferences. Developed by the World Wide Web Consortium (W3C), the standard offers users an opportunity to control how much information they give out about themselves. Lorrie Faith Cranor's book Web Privacy with P3P offers a look into the standard, both from the perspective of the security-conscious user and that of the developer interested in configuring their company's web site to be more public about their privacy policies. Broken into four parts, the book explores everything from online privacy to how to P3P-enable a web site, and work with P3P inside Internet Explorer 6.

The first part of the book is the typical six questions a reporter asks about a situation: who, what, where, when, how, and why. Broken into four chapters, you get a quick grasp of everything from web bugs, pseudonymity tools, and cookies, to privacy laws, history, and patents, among many other topics. There is enough information available so that one unfamiliar with the technology can get a good handle of it. For those interested in learning more, there are also plenty of references to online resources.

The second and third parts of the book are the technical guts. This is where the webmaster learns how to P3P-enable their web site and the software developer learns how to P3P-enable their application. Looking at the second part of the book, this is six chapters on P3P policies, from syntax (XML) to sample policy files. With the help of these chapters, practically anyone can better define user privacy policies for a web site. The third part of the book goes into more technical guts that most people don't need though. Imagine some company creating software like a web browser (Internet Explorer maybe). In part three, those people will learn how to integrate proper P3P usage into the product. While the information here is good and ties earlier concepts together, the need for the third for what I perceive the majority of readers of this book is lacking.

The final part is a series of five appendices. This offers a series of mostly mismatched pieces about P3P in Internet Explorer 6, proper web server configuration, and guiding principles. While there was nothing wrong with any of the appendices, the information again fell into the techie vs. non-techie mode. Some appendices were clearly more geared to the technologies, while others were more for the privacy-conscious user.

Meant more for the tech head than the casual user, Cranor's Web Privacy with P3P provides a reasonable introduction into online privacy concerns. The focus though is more on how to setup your own products and web sites to be compliant with the standard. If you are just interested in online privacy concerns, you'll enjoy the four chapter / sixty pages, before probably putting the book down as it gets into the technical details. If, however, you are more interested in those technical details, you'll enjoy the rest of the book, too.

John Zukowski, provides strategic Java consulting with JZ Ventures, Inc. through objective commentary on Java-related technologies, mentoring, training and curriculum development, technical editing, and software architecture and development. He received a B.S. in computer science and mathematics from Northeastern University and an M.S. in computer science from The Johns Hopkins University.