Specifying Personal Privacy Policies to Avoid Unexpected Outcomes

  1. (PDF, 259 KB)
AuthorSearch for: ; Search for:
ConferenceProceedings of Privacy, Security and Trust 2005, October 12-14, 2005.
Subjectprivacy; personal privacy policy; specification; e-service; unexpected outcomes; politique en matière de protection des renseignements personnels; spécification; service électronique; résultats imprévus
AbstractThe growth of the Internet is increasing the deployment of e-services in such areas as e-commerce, e-learning, and e-health. In parallel, the providers and consumers of such services are realizing the need for privacy. The use of P3P privacy policies on web sites is an example of this growing concern for privacy. Managing privacy using privacy policies is a promising approach. In this approach, an e-service provider and an e-service consumer each have separate privacy policies. Before an e-service is engaged, the provider's policy must be "compatible" with the consumer's policy. However, beyond compatibility, the policies may lead to unexpected outcomes. This can result in the lost of privacy and even lead to serious injury in certain cases. This paper gives examples of how such outcomes can arise and suggests how the consumer's personal privacy policy can be modified to avoid such outcomes.
Publication date
AffiliationNRC Institute for Information Technology; National Research Council Canada
Peer reviewedNo
NRC number48250
NPARC number5765396
Export citationExport as RIS
Report a correctionReport a correction
Record identifierf1592ffb-8d64-4d7a-b57d-f7c478b47dfb
Record created2009-03-29
Record modified2016-05-09
Bookmark and share
  • Share this page with Facebook (Opens in a new window)
  • Share this page with Twitter (Opens in a new window)
  • Share this page with Google+ (Opens in a new window)
  • Share this page with Delicious (Opens in a new window)