Internet Explorer 6 implements advanced cookie filtering
based on the Platform for Privacy Preferences (P3P) specification. The P3P
specification, developed by the World Wide Web Consortium (W3C), enables you to
express your privacy preferences while helping Web sites in clearly
describing, in a computer-readable format, how they will use your data. For
information about P3P, please see the following Web site:
Microsoft
provides third-party contact information to help you find technical support.
This contact information may change without notice. Microsoft does not
guarantee the accuracy of this third-party contact
information.
Internet Explorer 6 will notify you of Web
sites that do not satisfy your privacy settings. This article describes how to
manage your privacy (or cookie) settings in Internet Explorer 6. For
information about the default privacy settings in Internet Explorer 6, please
see the following article in the Microsoft Knowledge Base:
293222
(http://support.microsoft.com/kb/293222/EN-US/
)
The Default Privacy Settings for Internet Explorer 6
You can configure your privacy settings in Internet
Explorer 6 by clicking
Internet Options
on the
Tools
menu, and then clicking the
Privacy
tab.
NOTE
: An administrator can customize your privacy settings and remove
the
Privacy
tab from the interface in the
Internet
Options
dialog box. If the
Privacy
tab is not
available, contact your administrator, or see the
"Information for Advanced Users and IT
Professionals"
section.
These settings
replace the cookies settings on the
Security
tab in Internet Explorer 4 and 5 (and the
Advanced
tab in Internet Explorer 3). The
Privacy
settings slider has six settings:
Block All Cookies
,
High
,
Medium High
,
Medium
(default level),
Low
, and
Accept All Cookies
.
The following Privacy settings are available with the slider:
- Block All Cookies
: Cookies from all Web sites will be blocked, and existing cookies
on your computer cannot be read by the Web sites that created them. Per-site
privacy actions do not override these settings.
- High
: Blocks cookies that do not have a compact privacy policy or that
have a compact privacy policy which specifies that personally identifiable
information is used without your explicit consent. Cookies that were already on
your computer before you installed Internet Explorer 6 are leashed (restricted
so that they can only be read in the first-party context). Per-site privacy
actions override these settings.
- Medium High
: Blocks third-party cookies that do not have a compact privacy
policy or that use personally identifiable information without your explicit
consent. Blocks first-party cookies that have a compact privacy policy which
specifies that personally identifiable information is used without your
implicit consent. First-party cookies that do not have a compact privacy policy
and cookies that were already on your computer before you installed Internet
Explorer 6 are leashed (restricted so that they can only be read in the
first-party context). Per-site privacy actions override these
settings.
- Medium
(default level): Blocks third-party cookies that do not have a
compact privacy policy or that have a compact privacy policy which specifies
that personally identifiable information is used without your implicit consent.
First-party cookies that have a compact privacy policy which specifies that
personally identifiable information is used without your implicit consent are
downgraded (deleted when you close Internet Explorer). First-party cookies that
do not have a compact privacy policy are leashed (restricted so that they can
only be read in the first-party context). Cookies that were already on your
computer before you installed Internet Explorer 6 are also leashed. Per-site
privacy actions override these settings.
- Low
: First-party cookies that do not have a compact privacy policy
are leashed (restricted so that they can only be read in the first-party
context). Cookies that were already on your computer before you installed
Internet Explorer 6 are also leashed. Third-party cookies that do not have a
compact privacy policy or that have a compact privacy policy which specifies
that personally identifiable information is used without your implicit consent
are downgraded (deleted when you close Internet Explorer). Per-site privacy
actions override these settings.
- Accept All Cookies
: All cookies will be saved on your computer, and existing cookies
on your computer can be read by the Web sites that created them. Per-site
privacy actions do not override these settings.
NOTE
: Changing your privacy preferences does not affect the cookie
acceptance policy for cookies that have already been set unless you move the
slider to
Accept All Cookies
or
Block All Cookies
.
Internet Explorer displays a
Privacy
dialog box the first time that a cookie is restricted based on your
privacy preferences. This dialog box appears only one time, unless you clear
the
Don't show this message again
check box. The
Privacy
dialog box explains that a new status icon (the
Privacy Report
icon) is added to the status bar when you visit a Web site that
does not meet your privacy preferences. You can double-click this icon to view
a privacy report that explains how the Web site either has privacy practices
that conflict with your preferences or has no published privacy policy. You can
also view a privacy report for any site by clicking
Privacy Report
on the
View
menu.
NOTE
: The
Privacy
slider works only in the Internet zone. All cookies
are automatically accepted from Web sites in both the Local Intranet and
Trusted zones, and all cookies are automatically blocked from Web sites in the
Restricted zone.
For additional information, click
the article number below to view the article in the Microsoft Knowledge Base:
282846
(http://support.microsoft.com/kb/282846/EN-US/
)
Privacy Tab Settings Only Affect Internet Zone
Per-Site Privacy Actions
You also have the option to define cookie management practices on
a per-site basis. This overrides your default privacy preferences set with the
slider for any sites that you add to the
Per Site Privacy Actions
dialog box, unless you move the slider to
Accept All Cookies
or
Block All Cookies
(in which case per-site privacy actions are ignored).
To override cookie handling for individual Web sites, click
Edit
on the
Privacy
tab to open the
Per Site Privacy Actions
dialog box. You can enter individual domains in the
Per Site Privacy Actions
dialog box by using a policy of either
Block
or
Allow
. Existing cookies from sites that you decide to block will be
deleted.
NOTE
: If you move the slider on the
Privacy
tab to
Accept All Cookies
or
Block All Cookies
, the
Edit
button becomes unavailable because per-site privacy actions are
ignored in these cases.
Advanced Privacy Settings
You can override automatic cookie handling for all Web sites in
the Internet zone by clicking
Advanced
on the
Privacy
tab. You can use the
Advanced Privacy Settings
dialog box to configure first-party and third-party cookies to
Accept
,
Block
, or
Prompt
, with a check box to always allow session cookies.
NOTE
: Existing cookies on your computer can still be read by the Web
sites that created them even if you specify to block cookies in the
Advanced Privacy Settings
dialog box.
For additional information, click the article number
below to view the article in the Microsoft Knowledge Base:
298780
(http://support.microsoft.com/kb/298780/EN-US/
)
Any Existing Cookies Can Still Be Read by a Web Site Even When the 'Block' Option Is Selected
NOTE
: Per-site privacy actions override
Advanced Privacy Settings
dialog box settings.
Importing Custom Privacy Preferences
You can use the
Import
button to import a custom privacy preferences file. For
information about how to create a customized privacy import file, visit the
following Microsoft Web site:
Any privacy settings not overridden by the imported custom
privacy settings remain unchanged when you import. For example, if the imported
custom settings do not define privacy settings for the Internet zone, the
existing privacy settings for this zone are retained. Per-site rules may be
removed when you import custom privacy settings, and if you import custom
privacy settings, you cannot change the default privacy preferences for the
Internet security zone without disabling the custom settings for that zone
(clicking
Advanced
or
Default
on the
Privacy
tab removes imported privacy settings for the Internet zone).
For additional information
about removing customized privacy settings that were
imported, click the following article number to view the article in the Microsoft Knowledge Base:
301689
(http://support.microsoft.com/kb/301689/EN-US/
)
How to Restore Default Settings After Importing Custom Privacy Preferences
How to View and Delete Cookies
For more information about how to view the cookies that you have accepted or how to delete
cookies, click the following article number to view the article in the Microsoft Knowledge Base:
278835
(http://support.microsoft.com/kb/278835/
)
How to delete cookie files in Internet Explorer 6 and Internet Explorer 7
If you are an administrator, you can customize privacy settings
for all users and prevent users (including administrators) from viewing or
changing their privacy settings. To do this, use the Group Policy snap-in in
Microsoft Management Console (MMC) for Windows 2000-based or Windows XP-based
computers or use the Internet Explorer Administration Kit (IEAK) for any
supported Windows platform. Be aware that the computer on which you run the Group
Policy snap-in or IEAK must be running Internet Explorer 6 to configure privacy
settings.
Customize Privacy (and Security) Settings
- At
Stage 4 - Customizing the Browser
of
the Internet Explorer Customization Wizard (IEAK), click
Import the
current security zones and privacy settings
in the
Security
and Privacy Settings
dialog box.
- If you are using the Group Policy snap-in, double-click the
Security Zones and Content Ratings
policy under
User Configuration\Windows Settings\Internet Explorer Maintenance\Security
, and then click
Import the current security zones and
privacy settings
.
- Click
Modify Settings
to modify the
current privacy settings.
- Click
OK
.
Your current security and privacy settings are written to the
selected Group Policy object or your IEAK installation package. If you use the
IEAK, you must install your installation package on each computer on which you
want to have these customized privacy settings.
Disable User Access to All Privacy Settings
To remove the
Privacy
tab from the interface in
the
Internet Options
dialog box and to prevent users from viewing or changing privacy
settings, use one of the following methods.
Method 1: Use the Group Policy Snap-In
(Windows 2000 and Windows XP)
To disable the
Privacy
tab by using the
Group Policy snap-in in Windows 2000 or Windows XP:
- Start the Group Policy snap-in (Gpedit.msc).
- Double-click the
Disable the Privacy tab
policy under
User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel
.
If this policy is not available on a Windows 2000-based
computer that is running Internet Explorer 6, obtain IEAK 6 Service Pack 1
(SP1).
For additional information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
316116
(http://support.microsoft.com/kb/316116/
)
You Cannot Manage Internet Explorer 6 Group Policies on a Windows 2000-based Computer
- Click
Enabled
, and then click
OK
.
The policy is applied to the selected Group Policy object and a
**del.PrivacyTab
String value is created in the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Policies\Microsoft\Internet Explorer\Control Panel
Method 2: IEAK Profile Manager
(All Platforms)
To disable the
Privacy
tab for all Windows 98 and
Windows Millennium Edition (Me) users or Windows NT 4.0, Windows 2000, or
Windows XP administrators by using the IEAK Profile Manager, follow these
steps.
NOTE:
To apply this policy to users who have a limited user account (non-administrators) on a
Windows NT 4.0-based, a Windows 2000-based, or a Windows XP-based computer, you
must use the Windows NT Policy Editor (Windows NT 4.0) or the Group Policy
snap-in (Windows 2000 and Windows XP).
- Create an Internet Explorer installation package by using
the Internet Explorer Customization Wizard, and then start the IEAK Profile
Manager.
- On the
File
menu, click
New
or open an existing .ins file that you want to
modify.
- On the
Manage
menu, click to select the
All Policies
check box (if this check box is not already
selected).
- Click
Internet Property Pages
under
Policies and Restrictions\Corporate Restrictions
.
- Click to select the
Disable viewing the Privacy Page
policy.
- On the
File
menu, click
Save
. Or, click
Save As
, and then
type the path of your .ins file, the URL where your .cab files are stored, and
the names of your .cab files if they differ from the defaults that are
provided.
The policy is applied to users who install your Internet
Explorer installation package. When this policy is applied, a
PrivacyTab
DWORD value is created and its value data set to
1
in the following registry key:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel
Disable User Access to Per-Site Privacy Actions
For additional information about
how to disable access to only the Per Site Privacy Actions dialog box,, click
the following article number to view the article in the Microsoft Knowledge
Base:
301524
(http://support.microsoft.com/kb/301524/EN-US/
)
How to Disable Access to the "Per Site Privacy Actions" Dialog Box
For more information about how to set up security zones, visit the following Microsoft Web site:
For more information about how to change Internet Explorer security settings, visit the following Microsoft Web site:
For additional information about
cookies, click the following article number to view the article in the
Microsoft Knowledge Base:
260971
(http://support.microsoft.com/kb/260971/EN-US/
)
Description of Cookies
For more information about the registry information for privacy
settings in Internet Explorer 6, click the following article number to view the article in the Microsoft Knowledge Base:
182569
(http://support.microsoft.com/kb/182569/
)
Internet Explorer security zones registry entries for advanced users
For additional information about known issues related to
privacy settings in Internet Explorer 6, click the following article numbers to
view the articles in the Microsoft Knowledge Base:
296363
(http://support.microsoft.com/kb/296363/EN-US/
)
Cookies Settings Are Not Retained After You Upgrade to Internet Explorer 6
302708
(http://support.microsoft.com/kb/302708/EN-US/
)
Some Web Site Services Do Not Work After You Upgrade to Internet Explorer 6
299331
(http://support.microsoft.com/kb/299331/EN-US/
)
Web Site Reports That You Must Enable Cookies
318810
(http://support.microsoft.com/kb/318810/EN-US/
)
You Cannot Click "Here" in the Privacy Policy Dialog Box to View a Web Site's Privacy Policy
298636
(http://support.microsoft.com/kb/298636/EN-US/
)
Privacy Icon Is Displayed in the Status Bar Even Though Privacy Settings Allow Cookies
304646
(http://support.microsoft.com/kb/304646/EN-US/
)
Unable to Configure Different Per-Site Privacy Settings for Web Sites Within the Same Domain
303477
(http://support.microsoft.com/kb/303477/EN-US/
)
"You Have Entered an Invalid Domain" Error Message When You Attempt to Customize Privacy Settings
301390
(http://support.microsoft.com/kb/301390/EN-US/
)
Cookie Pal Requires Advanced Privacy Settings
306027
(http://support.microsoft.com/kb/306027/EN-US/
)
Unable to Refresh Web Page That Uses Cookies if Set to Prompt for Cookies
298621
(http://support.microsoft.com/kb/298621/EN-US/
)
Cookies Are Unexpectedly Blocked or Saved on Your Computer
303476
(http://support.microsoft.com/kb/303476/EN-US/
)
Screen Reader Program Does Not Read Cookie Headings in Advanced Privacy Settings Dialog Box
303479
(http://support.microsoft.com/kb/303479/EN-US/
)
Error Message When You Import a Custom Privacy Settings File
298626
(http://support.microsoft.com/kb/298626/EN-US/
)
Unable to Export Custom Privacy Settings in Internet Explorer 6
308093
(http://support.microsoft.com/kb/308093/EN-US/
)
You Cannot Close the Privacy Report Dialog Box by Pressing ALT+C
301402
(http://support.microsoft.com/kb/301402/EN-US/
)
Incorrect Information in Advanced Privacy Settings "What's This?" Text
304531
(http://support.microsoft.com/kb/304531/EN-US/
)
Legacy Opt-Out Cookie Strings That Are Supported by Internet Explorer 6
306255
(http://support.microsoft.com/kb/306255/EN-US/
)
Nonfunctional Privacy Icon Is Displayed When You Navigate Back to Web Sites
298628
(http://support.microsoft.com/kb/298628/EN-US/
)
Per Site Privacy Actions Do Not Work as Expected
302831
(http://support.microsoft.com/kb/302831/EN-US/
)
Unable to Remove Per Site Privacy Actions for Local Intranet Sites
313558
(http://support.microsoft.com/kb/313558/EN-US/
)
PRB: Privacy Policy Error Occurs When You Access Sites Through the Authenticating Proxy
323752
(http://support.microsoft.com/kb/323752/EN-US/
)
PRB: Session Variables Are Lost If You Use FRAMESET in Internet Explorer 6.0