P3P Privacy Policy

For years now, I've been holding out on a P3P implementation. My reasons were a few.

  1. P3P participation was voluntary.
  2. P3P xml files have a lot of options, and I didn't want to muck them up.
  3. I didn't really see any negatives for not participating.

Well, in researching the checkout issues we've been having, it seems I may have stumbled on what's happening. It appears that some anti-phishing filters were getting tripped because we're collecting personal information without P3P disclosure of what we're doing with it. Grr... this could be a real pain in the... Hey!

Turns out, there are several simple tools for creating a P3P Privacy Policy now. I tried the tool from IBM, and it wasn't too good. It seemed tougher than just making an XML file, since you had to know what all the options meant. I think you may as well just look up the spec and write one if you're going to use their tool. I looked at a few others, but they didn't take AmEx (the only business card I use since any others I could go over the limit pretty easily.)

What I ended up doing was going to p3pprivacy.com. For $30, they created one by going through a wizard and answering questions about how we handle data. 20 minutes later, I had it fully implemented.

I'm not sure if this is all of the issue we're having with checkout, but it sure can't hurt to try something. I guess we'll know if we don't get calls about problems.


Popular posts from this blog

Yii multiple select dropdownlist with default values

Audition results

Another audition