I'm trying to track down a problem related to Internet Explorer where one of our sites requests files from another one of our sites on a different domain. In Internet Explorer (version 8), we see a privacy icon on the bottom (eye with a red circle & slash). Internet Explorer says it is blocking cookies from the other site because it can't find a privacy policy on that site. However, on the other site, we have a compact privacy policy in place, and using an HTTP header viewer, I have verified that Internet Explorer is getting the P3P compact privacy policy value with in the header for the files from the other site.

My privacy settings in Internet Explorer are set to Medium (where it says "Blocks third-party cookies that do not have a compact privacy policy"). Everything I've found online says that Internet Explorer should accept cookies from a 3rd-party site if that site has a compact privacy policy in place. So as far as I understand, this should be working.

This is a site that is accessible to the public, so we can't assume that users will have reduced their privacy settings.

I don't understand why IE is still blocking cookies from our other site. Does anyone have any ideas why this might be the case?