P3P, Platform for Privacy Preferences, reference
This document is in the beginning stages. Eventually, it will be complete except without explanations for sub sub elements.
This document was derived from pages on P3P by World Wide Web Consortium.
Attributes are type='string' unless specified.
Key:
(contained within a META element **)
- xml:lang
- POLICY-REFERENCES ** policy reference file
- EXPIRY minOccurs='0'
- POLICY-REF minOccurs='0' maxOccurs='unbounded' ** policy reference; Points to a single P3P policy, and specifies website parts to which it applies.
- about, type='anyURI' URI of a policy
- INCLUDE|EXCLUDE minOccurs='0' maxOccurs='unbounded'
- COOKIE-INCLUDE|EXCLUDE minOccurs='0' maxOccurs='unbounded' (portion of website covered by policy)
- name, value, domain, path
- METHOD minOccurs='0' maxOccurs='unbounded'
- type='anyURI' (PUT, DELETE, or GET/HEAD)
- HINT minOccurs='0' maxOccurs='unbounded'
- POLICIES minOccurs='0' (gathers several P3P policies together in a single file)
- EXPIRY minOccurs='0'
- DATASCHEMA minOccurs='0' ** (description of a set of data)
- xml:lang
- DATA-DEF, DATA-STRUCT
- name type='ID'
- structref type='anyURI' (the fragment identifier part denotes the structure, and the URI part denotes the corresponding data schema where it is defined.)
- short-description type='string' (short display name of the data element or structure)
- CATEGORIES minOccurs='0'
- LONG-DESCRIPTION minOccurs='0'
- POLICY minOccurs='0' maxOccurs='unbounded' ** a complete P3P policy
- discuri, type='anyURI'
- opturi, type='anyURI' (URI of instructions that users can follow to request/opt-in or decline/opt-out to have their data used for a particular purpose)
- name, type='ID' (name which POLICY-REF.about uses to reference this policy)
- xml:lang' (URI of the natural language privacy statement)
- TEST minOccurs='0' (indicates this policy is an example and must be ignored)
- ENTITY ** legal entity making the representation of the privacy practices
- DATA-GROUP
- DATA maxOccurs='unbounded'
- mixed='true'
- ref, type='anyURI'
- ACCESS ** contains one of the following, all complexType access-value
- nonident (website does not collect identified data)
- ident-contact (Identifiable Contact Information)
- other-ident (Other Identified Data)
- contact-and-other (covers both the preceding two)
- all (access is given to all identified data)
- none (no access to identified data is given)
- DISPUTES-GROUP minOccurs='0' **
- DISPUTES maxOccurs='unbounded' **
- resolution-type: restriction base='string':
enumeration value='service', 'independent', 'court', 'law'
- service type='anyURI'
- verification
- short-description
- EXTENSION minOccurs='0' maxOccurs='unbounded'
- [LONG-DESCRIPTION] if used, must have IMG also
- IMG minOccurs='0'ifLONG-DESC
- src type='anyURI'
- width type='nonNegativeInteger'
- height type='nonNegativeInteger'
- alt
- REMEDIES' minOccurs='0'ifIMG **
- EXTENSION' minOccurs='0' maxOccurs='unbounded'/>
- correct, money, law maxOccurs='unbounded'
(complexType name='remedies-value')
- EXTENSION' minOccurs='0' maxOccurs='unbounded'
- STATEMENT maxOccurs='unbounded' ** describe data practices
- CONSEQUENCE minOccurs='0' type='string'
- [NON-IDENTIFIABLE] (data is not collected or is anonymized upon collection)
- PURPOSE minOccurs='0'ifNON-IDENTIFIABLE **
- EXTENSION' minOccurs='0' maxOccurs='unbounded'/>
- current, admin, develop, tailoring, pseudo-analysis,
pseudo-decision, individual-analysis, individual-decision, contact,
historical, telemarketing (maxOccurs='unbounded')
- required type='p3p:required-value' default='always'
- other-purpose (maxOccurs='unbounded') mixed='true'
- required' type='p3p:required-value'
- RECIPIENT minOccurs='0'ifNON-IDENTIFIABLE **
- EXTENSION' minOccurs='0' maxOccurs='unbounded'/>
- ours, same, other-recipient, delivery, public, unrelated
(minOccurs='0' maxOccurs='unbounded' mixed='true')
- required type='p3p:required-value'
- RETENTION minOccurs='0'ifNON-IDENTIFIABLE **
- EXTENSION minOccurs='0' maxOccurs='unbounded'
- no-retention, stated-purpose, legal-requirement,
indefinitely, business-practices (complexType name='retention-value')
- DATA-GROUP minOccurs='0'ifNON-IDENTIFIABLE maxOccurs='unbounded' **
- base' type='anyURI' default='http://www.w3.org/TR/P3P/base'
- DATA maxOccurs='unbounded' mixed='true'
- ref type='anyURI'
- optional default='no' type='p3p:yes_no'
- CATEGORIES minOccurs='0' maxOccurs='unbounded'
Common elements
- ** EXTENSION complexType mixed='true' (minOccurs='0' maxOccurs='unbounded')
- any minOccurs='0' maxOccurs='unbounded' processContents='skip'
- optional default='yes' type='p3p:yes_no'
- LONG-DESCRIPTION (in DISPUTES.EXTENSION, DATA-DEF, DATA-STRUCT)
- restriction base='string'
- EXPIRY (in POLICIES, POLICY-REFERENCES)
- a max-age' type='nonNegativeInteger'
- a date' type='string'
- simpleType name='required-value':
restriction base='string': enumeration value='always', 'opt-in', 'opt-out'
- CATEGORIES (in STATEMENT.DATA and POLICIES.DATA*) (hints to intended uses of data)
- physical, online, uniqueid, purchase, financial, computer,
navigation, interactive, demographic, content, state, political, health,
preference, location, government
- complexType name='categories-value'
- other-category'
[web]
[home]
[about]
[copyright]
[contact]
This page last changed March 11, 2002.