I'm think it is wholly because it is unenforceable and unverifiable when it comes down to it. P3P allows websites owners to assert their privacy policies, and some aspects of the TOS, in "machine readable" formats. This was supposed to allow standardization to allow better filtering automatically when you visit a site. You tell your browser you are only interested in sites that "collect cookies for the purposes of aggregate data collection" and "don't sell personal information to third parties", and the browser was supposed to warn you, or change its functionality, based on your targets with the site's claimed assertions. It doesn't work like that though, for the same reason the Firefox bad certificate screen ended up being more annoying than useful: no one actually cared about security more than using the site. It's easier to override the settings and use the site. And you could never be sure, until after the fact when it's too late because the information is already out there, that the policy was ever followed or not.
And because of that and the way IE's default "internet zone" cookie policy worked, you pretty much had to, as a website, assert policies that were amenable to the IE defaults.
This would only work when there is significant competition between interchangeable and interoperable sites anyway. Facebook asserts policies A, B, and C, while Myspace asserts policies X, Y, and Z. Well, those policy differences don't mean anything if I actually want to use Facebook because that's that's where my friends are. Privacy policies are only a differentiation point if the policies are different and the services are exactly the same, which is actually impossible (and not really in the indivdual sites' best interest anyway).
P3P has some use as a way to monitor the privacy policy and TOS on a site, and have your browser notify you of changes. I don't think this is necessarily better than what happened with Facebook TOS where someone was following it closely, actually read it, and raised hell about it. There's an emotional aspect tied to that, one that doesn't exist when your browser pops up a box with a warning you just want to dismiss and get out of your way.
And because of that and the way IE's default "internet zone" cookie policy worked, you pretty much had to, as a website, assert policies that were amenable to the IE defaults.
This would only work when there is significant competition between interchangeable and interoperable sites anyway. Facebook asserts policies A, B, and C, while Myspace asserts policies X, Y, and Z. Well, those policy differences don't mean anything if I actually want to use Facebook because that's that's where my friends are. Privacy policies are only a differentiation point if the policies are different and the services are exactly the same, which is actually impossible (and not really in the indivdual sites' best interest anyway).
P3P has some use as a way to monitor the privacy policy and TOS on a site, and have your browser notify you of changes. I don't think this is necessarily better than what happened with Facebook TOS where someone was following it closely, actually read it, and raised hell about it. There's an emotional aspect tied to that, one that doesn't exist when your browser pops up a box with a warning you just want to dismiss and get out of your way.