Wednesday, February 17, 2010

P3P Explained: Compact Privacy Policies in 2010

Your first point of reference for P3P should be the Wikipedia page. It'll give you a good overview. Here are the basics:
  • Microsoft helped pay for it.
  • Microsoft browsers are the only browsers that still use it.
  • Microsoft browsers have never used it correctly.
When Internet Explorer (IE6 - IE8) is in the "High" Privacy mode it "Blocks all cookies from websites that do not have a compact privacy policy." So if you want to set a cookie on an IE browser in "High" Privacy, you need a compact privacy policy. You don't need a well-formed policy and you don't need a valid policy. You can put swears in your policy and it'll still be accepted.

In PHP:
<?php header('P3P: CP="JUNK DATA"'); ?>
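
Since IE takes any string, a junk policy goes unnoticed unless you look for it. The Python below is an added example, not part of the original post: it checks a P3P header value against the compact-policy token vocabulary of the P3P 1.0 spec. The function name, verdict strings and sample headers are made up for illustration, and the a/i/o suffix is accepted on every purpose and recipient token as a simplification.

```python
import re

# Compact-policy tokens from the P3P 1.0 specification, grouped by element.
ACCESS = {"NOI", "ALL", "CAO", "IDC", "OTI", "NON"}
PURPOSE = {"CUR", "ADM", "DEV", "TAI", "PSA", "PSD", "IVA", "IVD",
           "CON", "HIS", "TEL", "OTP"}
RECIPIENT = {"OUR", "DEL", "SAM", "UNR", "PUB", "OTR"}
RETENTION = {"NOR", "STP", "LEG", "BUS", "IND"}
CATEGORY = {"PHY", "ONL", "UNI", "PUR", "FIN", "COM", "NAV", "INT", "DEM",
            "CNT", "STA", "POL", "HEA", "PRE", "LOC", "GOV", "OTC"}
OTHER = {"DSP", "COR", "MON", "LAW", "NID", "TST"}

PLAIN = ACCESS | RETENTION | CATEGORY | OTHER
# Simplification: allow the a/i/o (always / opt-in / opt-out) suffix on
# any purpose or recipient token.
SUFFIXED = PURPOSE | RECIPIENT

CP_RE = re.compile(r'\bCP\s*=\s*"([^"]*)"', re.IGNORECASE)


def audit_p3p(header_value):
    """Classify the value of a P3P response header.

    Returns (verdict, unknown_tokens). This is a vocabulary check only;
    it does not prove the policy matches what the site really does.
    """
    match = CP_RE.search(header_value)
    if match is None:
        return ("no-cp", [])          # no compact policy at all
    tokens = match.group(1).split()
    if not tokens:
        return ("empty", [])
    unknown = []
    for tok in tokens:
        if tok in PLAIN or tok in SUFFIXED:
            continue
        if len(tok) == 4 and tok[:3] in SUFFIXED and tok[3] in "aio":
            continue
        unknown.append(tok)
    return ("not-p3p" if unknown else "p3p-tokens", unknown)


if __name__ == "__main__":
    # Constructed sample header values, not captured from any real site.
    for value in ('CP="JUNK DATA"',
                  'policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAi OUR STP NAV"',
                  'policyref="/w3c/p3p.xml"'):
        print(value, "->", audit_p3p(value))
```

A "not-p3p" verdict is the case described above: a header that satisfies IE's check without being a real policy.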