A semantics based approach to privacy languages

N. Li, Ting Yu, A. Antón

Research output: Contribution to journalArticle

10 Citations (Scopus)


A key reason for the slow adoption of the Platform for Privacy Preferences (P3P) is the lack of a formal semantics. Without a formal semantics, a P3P policy may be semantically inconsistent and may be interpreted and represented differently by different user agents. In this paper, we redress these problems by proposing a relational formal semantics for P3P policies, which precisely models the relationships between different components of P3P statements (i.e., collected data items, purposes, recipients and retentions). Based on this semantics, we present SemPref, a simple, efficient and expressive semantics-based preference language. Unlike previously proposed preference languages, SemPref queries the meaning of a privacy policy rather than its syntactic representation. The proposed formal semantics and preference language are an important step towards improving P3P, making it more comprehensible to enterprises and individual users, and ultimately accelerating the large-scale adoption of P3P across the Internet.

Original languageEnglish
Pages (from-to)339-352
Number of pages14
JournalComputer Systems Science and Engineering
Issue number5
Publication statusPublished - 1 Sep 2006
Externally publishedYes



  • Formal semantics
  • Platfoirm for privacy preferences (P3P)
  • Privacy languages

ASJC Scopus subject areas

  • Hardware and Architecture
  • Theoretical Computer Science
  • Computational Theory and Mathematics

Cite this