Enterprises can publish privacy promises using the W3C Platform for Privacy Preferences (P3P) and advertise their compliance with certain privacy seal programs. Their internal privacy practices should reflect and enforce the promises made. But, as privacy practices correspond to business processes, they can change frequently. It can be challenging to keep the promises up-to-date.
This article describes a methodology for enterprises to promise what they can keep. This is done by automatically transforming privacy practices into corresponding privacy promises that reflect the enterprise-internal behavior.
By: Matthias Schunter and Els Van Herreweghen
Published in: RZ3452 in 2002
LIMITED DISTRIBUTION NOTICE:
This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.
Questions about this service can be mailed to reports@us.ibm.com .