Late last week the Wall Street Journal made quite a splash when it accused Google of tracking Safari users' activities without their knowledge. This past weekend Dean Hachamovitch, corporate vice president for Internet Explorer at Microsoft, penned a blog post that claims Google also circumvented the privacy settings of IE users.
P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Google has responded to Hachomovitch's lengthy post with its own statement that dubs Microsoft's P3P cookie technology "widely non-operational" and highlights the fact that it is not alone in its tactics to attempt to get around this technology. Google says that P3P didn’t have a huge impact when it was introduced in 2002 when P3P, but these days, it actually breaks cookie-based features, such as Facebook's 'Like' feature (incidentally, Facebook is another company that doesn't comply with P3P).
"Despite having been around for over a decade, P3P adoption has not taken off. It’s worth noting again that less than 12 percent of the more than 3,000 websites TRUSTe certifies have a P3P compact policy. The reality is that consumers don’t, by and large, use the P3P framework to make decisions about personal information disclosure," said Rachel Whetstone, Senior Vice President of Communications and Policy at Google. "A 2010 research paper by Carnegie Mellon found that 11,176 of 33,139 websites were not issuing valid P3P policies as requested by Microsoft. In the research paper, among the websites that were most frequently providing different code to that requested by Microsoft: Microsoft’s own live.com and msn.com websites.
What's more, Whetstone goes on to say that the reason all of these websites have decided against issuing valid P3P policies is because Microsoft said it was okay not to. Apparently that same Carnegie Mellon research paper from two years ago found that "Microsoft's support website recommends the use of invalid CPs (codes) as a work-around for a problem in IE."
- Tom's Guide: WSJ: Safari Loophole Allowed Google to Track Users via Ads
- Microsoft: Google Bypassing User Privacy Settings
- Parislemon: Google's complete statement on the issue.