A to Z(ee) with P3P

When you build websites that rely on cookies and they are expected to work with privacy settings other than default, you’ll have to deal with P3P. Read on to find out about the cornerstones of the Platform for Privacy Preferences, and get your hands dirty with an example guiding you from empty hands to a complete basic implementation.

Willerich, Matthias. Content with Style. Articles>Web Design>Privacy>Standards

Anonymous Personalization: Part I

Personalization versus privacy. It's not a question of which will ultimately prevail. But rather, how can we have both?

Allen, Cliff. Allen.com (2003). Design>Web Design>Personalization>Privacy

Cookies: Just a Little Data Snack

To read the New York Times Web site, you must open a free user account and log in each time you visit. That means yet another user name and password to remember. Fortunately, if you always use the same computer, you can set up your account so that you're logged in automatically whenever you connect to the site. The site does that by using cookies -- another of those silly-sounding bits of programmers' vocabulary that have crept into mainstream coverage of the Internet. But over the past year or so, this practice has become controversial because some people view it as an invasion of privacy. Others have bought into rumors or read inaccurate press reports suggesting that cookies threaten the security of their hard drives.

Ivey, Keith C. Editorial Eye, The (1998). Articles>Web Design>Privacy

Facebook's Privacy Trainwreck: Exposure, Invasion, and Social Convergence    

Not all Facebook users appreciated the September 2006 launch of the `News Feeds' feature. Concerned about privacy implications, thousands of users vocalized their discontent through the site itself, forcing the company to implement privacy tools. This essay examines the privacy concerns voiced following these events. Because the data made easily visible were already accessible with effort, what disturbed people was primarily the sense of exposure and invasion. In essence, the `privacy trainwreck' that people experienced was the cost of social convergence.

Boyd, Danah. Convergence (2008). Articles>Web Design>Privacy

Graceful E-Mail Obfuscation

Most e-mail obfuscation techniques I've tried tend to be bothersome and time-consuming to implement because they have to be applied to each and every e-mail address that you want to protect. Most require you to use lengthy inline script elements and inline event handlers. They may also invalidate your markup.

Van Gils, Roel. List Apart, A (2007). Design>Web Design>Privacy>Email

Guiding Principles for Providing "Remember Me" Personalization

As we set out to enhance personalization on Marriott.com, we realized we needed guidelines to inform our thinking and shape our decisions, particularly decisions related to customer privacy. Our earlier user research revealed the need for greater personalization and helped us understand customer attitudes towards privacy. From there, we sought to build customer trust and loyalty by addressing concerns about privacy and security in every aspect of the user experience. In creating the Guiding Principles outlined here, we conducted a thorough analysis of eight major websites and then merged the findings with what we already knew. These principles apply specifically to 'remember me' personalization.

Peters, Meg. Boxes and Arrows (2006). Articles>Web Design>Privacy>Personalization

Privacy Means Never Having to Say You're Sorry

For those of us who work with computers, the value of identifying ourselves to Web sites is increasingly obvious: no more retyping our name and address information, less need to memorize dozens of log-in passwords and paths to specific Web pages, less spam, and fewer irrelevant banner ads. But even those of us who appreciate the value of sharing some personal information with Web sites and those who run them are growing increasingly uncomfortable with the potential for abuse inherent in having information on our identities and preferences broadly available.

Hart, Geoffrey J.S. Geoff-Hart.com (2001). Articles>Web Design>Privacy

Privacy Means Never Having to Say You're Sorry

For those of us who regularly visit certain Web sites, the value of identifying ourselves to those sites grows quickly and painfully obvious: Accepting cookies from a Web site could potentially eliminate endlessly retyping our personal information, memorizing yet another login password, repeatedly re-customizing how a site responds to us, and enduring irrelevant information such as untargeted banner ads. But even those of us who appreciate the value of sharing personal information with Web sites and their designers have grown increasingly uncomfortable with the potential for abuse inherent in having confidential information about our identities and preferences broadly available. Even if a site isn't cracked and our private information stolen--always a risk on the Web--the site owner is bound to sell the information to commercial mailing lists, thereby guaranteeing us a lifetime supply of junk mail. Worst of all, we won't even be able to burn that junk on cold winter nights to stay warm.

Hart, Geoffrey J.S. TECHWR-L (2002). Design>Web Design>Privacy

The Users Charter

The following is an attempt to outline a charter of rights for the user of web applications. They are, of course, unenforceable but compliance with them would represent best practice in the design of user-centred interfaces. More significantly, any violation of the charter would indicate the presence of significant usability problems detrimental to the user experience. And failing to address the requirements of the user leads to frustration, irritation and consequently lost business.

Gaine, Frank. Frontend Infocentre (2001). Articles>Web Design>Privacy

Online Privacy as Legal Safeguard: The Relationship Among Consumer, Online Portal, and Privacy Policies    

Several surveys attest to growing public concerns regarding privacy, aggravated by the diffusion of information technologies. A policy of self-regulation that allows individual companies to implement self-designed privacy statements is prevalent in the United States. These statements rarely provide specific privacy guarantees that personal information will be kept confidential. This study provides a discourse analysis of such privacy statements to determine their overall efficacy as a policy measure. The in-depth analysis of privacy statements revealed that they offer little protection to the consumer, instead serving to authorize business practices which allow companies to profit from consumer data. Using public good theory as a foundation, policy implications are discussed.

Fernback, Jan and Zizi Papacharissi. New Media and Society (2007). Articles>Web Design>Privacy>Contracts

Anonymous Cowards, Avatars, and the Zeitgeist: Personal Identity in Flux: Part I 

Governments and large organizations, with legal and administrative concerns like taxation and security typically address the practical aspects of identity we experience on a daily basis—issuing IDs and credentials and deciding the mechanisms for their verification. This division of responsibilities for defining and executing the construct of personal identity is nearly as old as the mind/body schism at the heart of Western culture.

Lamantia, Joe. UXmatters (2009). Articles>Web Design>Privacy>Social Networking