P3P Client Ruleset

The following APPEL ruleset was used in the P3P demo as presented in Section 2.3.3 on page 23 . The following ruleset complies with APPEL level 2 and contains four rules.

<APPEL:APPEL><APPEL:RULESET crtby="APPEL WG"

crton="Wed, 12-Aug-1998 09:12:32 GMT">

<APPEL:GROUP description="Default Group">

<!-- We specify OTHERWISE as the only trigger condition here so that this group is always active -->

<APPEL:TRIGGERS>

<APPEL:OTHERWISE/>

</APPEL:TRIGGERS>

<APPEL:RULES>

<APPEL:RULE behavior="seamless-accept"

description="Site only collects first name,date of birth, IDs">

<P3P:PROP><P3P:USES>

<!-- Conditions under which data can be released seamlessly:

Read acess only, Web site's purpose either

"Completion and support of current activity",

"Web Site and System administration"

and/or "Customization of Site to Individuals". -->

<P3P:STATEMENT action="r" VOC:purp="0,1,2" VOC:id="0">

<DATA:REF name="user.name.first"/>

<DATA:REF name="user.bdate.*"/>

<DATA:REF name="ID.*"/>

</P3P:STATEMENT>

</P3P:USES></P3P:PROP>

</APPEL:RULE>

<APPEL:RULE behavior="info-prompt"

description="Inform if site collects any of name or email.">

<P3P:PROP><P3P:USES>

<!-- Conditions under which data can be released seamlessly:

Read acess in non-identifiable form only,

Web site's purpose either

"Completion and support of current activity",

"Web Site and System administration"

and/or "Customization of Site to Individuals".-->

<P3P:STATEMENT action="r" VOC:purp="0,1,2" VOC:id="0">

<DATA:REF name="user.name.*"/>

<DATA:REF name="user.home.online.*"/>

</P3P:STATEMENT>

</P3P:USES></P3P:PROP>

</APPEL:RULE>

<APPEL:RULE behavior="seamless-accept"

description="Site only collects IDs or clickstream data">

<P3P:PROP>

<P3P:USES>

<!-- Read access in non-identifiable form only -->

<P3P:STATEMENT action="r" VOC:id="0">

<DATA:REF name="ID.*"/>

<DATA:REF name="Clickstream.Client_"/>

</P3P:STATEMENT>

</P3P:USES>

</P3P:PROP>

</APPEL:RULE>

<!-- Reject everything else automatically -->

<APPEL:RULE behavior="seamless-reject"

description="I don't want to be identified!">

<APPEL:OTHERWISE/>

</APPEL:RULE>

</APPEL:RULES>

</APPEL:GROUP>

</APPEL:RULESET></APPEL:APPEL>


April 9, 1999 · Jörg Meyer · jmeyer@almaden.ibm.com