Technically, a proper P3P policy states is intended to inform the browser the cookies stored by the website will not be used for any tracking purpose or any other purpose at all. But, confirmed by IEBlog,
P3P: CP=”This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info.”
P3P-compliant browsers interpret Google’s policy as indicating that the cookie will not be used for any tracking purpose or any purpose at all. By sending this text, Google bypasses the cookie protection and enables its third-party cookies to be allowed rather than blocked.
And indeed, from the page specified in Google’s P3P statement,
In some situations, the cookies we use to secure and authenticate your Google Account and store your preferences may be served from a different domain than the website you’re visiting. This may happen, for example, if you visit websites with Google +1 buttons, or if you sign into a Google gadget on iGoogle.
So, what can we do to prevent this?
Or alternatively, you can block all cookies from a given site regardless of whether they are first- or third- party in Privacy Settings from Internet Option in IE. The privacy tab in Internet Option is where you can manage how cookies can be treated.
The new technology approach in IE’s racking Protection is currently undergoing the standardizing process at the W3C.