“A comprehensive data privacy bill to be introduced next year in the U. S. House will apply to online and off-line practices, affecting virtually every company that does business in the U. S” “International privacy policies are permeating planning at corporations struggling to comply with the European Union's privacy rules and an emerging set of strict Canadian data sharing requirements. ”
“Security experts discovered a flaw this week in the Web site operated by Verizon Wireless that potentially exposed the private customer information of those who used the Web site to view their personal cell phone bills”. (Sept 16) Customer information exposed by Playboy. com hacker (November 21, 2001) Playboy. com has spent several days contacting customers and doing an online security audit after a hacker broke into the site's online store last weekend and got access to customer information and credit card numbers.
Accountability – in charge Identifying purpose – reason for collection Consent – needed to collect Limiting Collection – to that required for the specific purpose
Id. the nature of PII associated with business process Document its collection, use, disclosure and destruction Provide mgt with tool to make informed decisions based on understanding of privacy risk Ensure accountability Create consistent format and structured process Reduce Revisions
What information can be “discovered” by visiting a site? What information is being collected, why, do they really need it? Is the site secure enough to stop people from accessing the information I give to a site in a transaction? Who really is watching what I do when I surf? What will happen to my information?
64 federal agency Web sites use software to track the habits of users despite rules banning the practice, according to preliminary findings in a report to Congress on Internet privacy that was released last week (Office of Inspector General). The European Parliament on Tuesday [Nov 13] voted to adopt an amend. to the draft directive on electronic data collection and privacy to restrict the use of cookies. If the vote is ratified, Web sites will have to explicitly ask users if they want to accept cookies--a move that the advertising industry says could be damaging to business.
Can’t relax on a corporate level – you need to gear up for all the privacy legislation facing you Look for controls, policies and procedures services that will help your enterprise and its web presence meet the privacy challenge head-on Look for help from your qualified CA and legal You can’t relax on a personal level
Скачать презентацию A comprehensive data privacy bill to be introduced
187600471925e4364ad44aed6940d126.ppt