With the recent popularization of the Internet, electronic commerce has become more and more commonplace. When entering into an electronic transaction, individuals often provide various items of privacy data to a web site such as demographic data and/or personal financial data (e.g., credit card information). Unfortunately, individuals do not have sufficient ability to monitor and/or control how their privacy data is collected, assembled, or used.
One current initiative is the Platform for Privacy Preferences Project (P3P) standard that enables web sites to communicate their privacy practices to individuals. However, P3P will only instruct the individual whether or not a web site privacy policy agrees with the individual's privacy preferences. That is, when an individual accesses a web site with a P3P-enabled browser, the browser will obtain the web site's P3P policy and compare the policy to the individual's preconfigured preferences. If the web site is not in agreement with the individual's privacy preferences, the individual will be notified by the browser, however, there is no ability for the user to audit how their privacy data is used by the web site.
Unfortunately, the privacy data provided by an individual to a web site or other entity can be misused, either intentionally or unintentionally. For example, the privacy data may be disseminated to third parties without the user's consent or knowledge. In addition, the user's privacy data may be provided inaccurately without the individual's knowledge. For example, the individual's old address may be stored by the web site such that the wrong address is associated with the individual. This incorrect address may then be used and/or distributed by the web site without the individual's knowledge.