“Microsoft uses a “self-declaration” protocol (known as “P3P” [Platform for Privacy Preferences Project]) dating from 2002 under which Microsoft asks websites to represent their privacy practices in machine-readable form. It is well known - including by Microsoft - that it is impractical to comply with Microsoft’s request while providing modern web functionality. We have been open about our approach, as have many other Websites.”
Indeed, Facebook doesn’t work with Microsoft’s P3P policy either. A Facebook representative said, “P3P was developed 5 years ago and is not effective in describing the practices of a modern social networking service and platform. Instead, we have posted a public notice describing our practices that is consistent with Section 3.2 of P3P. We have reached out directly to Microsoft in hopes of developing additional solutions and we would welcome the opportunity to work with W3 to update P3P to account for the advances in social networking and the web since 2007.”
Whetstone continued, “Today the Microsoft policy is widely non-operational. A 2010 research
report indicated that over 11,000 websites were not issuing valid P3P policies as requested by Microsoft.” According to Whetstone this “Issue has been around since 2002. For many years, Microsoft’s browser has requested every website to ’self-declare’ its cookies and privacy policies in machine readable form, using particular ‘P3P’ three-letter policies.”