香港六合彩 » SlideShare
-
Upload
riguo -
Category
Technology
-
view
1.005 -
download
0
description
Transcript of 香港六合彩 » SlideShare
![Page 1: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/1.jpg)
Privacy and Security in the Information Privacy and Security in the Information AgeAge
Conference, Melbourne, Australia Conference, Melbourne, Australia August 16, 2001August 16, 2001
The United States Government’s The United States Government’s Approach to Privacy:Approach to Privacy:
The EU Directive and the The EU Directive and the Safe Harbor FrameworkSafe Harbor Framework
Patricia M. SefcikPatricia M. Sefcik
U.S. Department of CommerceU.S. Department of Commerce
![Page 2: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/2.jpg)
2
Privacy in Europe and the U.S.Privacy in Europe and the U.S.
The European privacy system is The European privacy system is based on comprehensive based on comprehensive legislation.legislation.
The U.S. privacy system is based on The U.S. privacy system is based on self regulation and sector specific self regulation and sector specific legislation in highly sensitive areas legislation in highly sensitive areas such as financial, medical, such as financial, medical, children’s and genetic information.children’s and genetic information.
![Page 3: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/3.jpg)
3
Historical Overview: Safe HarborHistorical Overview: Safe Harbor
OCTOBER 1998– EU’s sweeping privacy directive went into effect
JULY 2000– Safe Harbor principles are deemed adequate
NOVEMBER 1, 2000– Safe Harbor becomes effective– DOC launches safe harbor website
http://www.export.gov/safeharbor JANUARY 4, 2001
– Official Department of Commerce roll-out JANUARY-AUGUST, 2001
– Outreach events
![Page 4: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/4.jpg)
4
Safe Harbor ImplementationSafe Harbor Implementation
What are the Benefits? What are the Benefits?
Who Can Join and How?Who Can Join and How?
How and Where will Safe Harbor be How and Where will Safe Harbor be Enforced?Enforced?
![Page 5: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/5.jpg)
5
The Safe Harbor FrameworkThe Safe Harbor Framework
• 7 Privacy Principles7 Privacy Principles• 15 FAQ’s15 FAQ’s• European Commission’s adequacy European Commission’s adequacy
determination determination• Letters between U.S. Dept. of Letters between U.S. Dept. of
Commerce and the European Commerce and the European CommissionCommission
• Letters from U.S. Dept. of Letters from U.S. Dept. of Transportation and Federal Trade Transportation and Federal Trade CommissionCommission
![Page 6: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/6.jpg)
6
The 7 Safe Harbor PrinciplesThe 7 Safe Harbor Principles
1)1) NoticeNotice
2)2) ChoiceChoice
3)3) Onward TransferOnward Transfer
4)4) SecuritySecurity
5)5) Data IntegrityData Integrity
6)6) AccessAccess
7)7) EnforcementEnforcement
![Page 7: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/7.jpg)
7
The Safe Harbor PrinciplesThe Safe Harbor Principles
(1) NOTICE(1) NOTICE Inform individuals about the purpose for which Inform individuals about the purpose for which
the information is being collected.the information is being collected.
Inform individuals about how to contact the Inform individuals about how to contact the organizations with inquiries or complaints.organizations with inquiries or complaints.
Provide information on the types of third Provide information on the types of third parties to which information is being disclosed, parties to which information is being disclosed, and the choices and means offered for limiting and the choices and means offered for limiting its use and disclosure.its use and disclosure.
![Page 8: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/8.jpg)
8
The Safe Harbor PrinciplesThe Safe Harbor Principles
(2) CHOICE (2) CHOICE
An organization must offer individuals the opportunity An organization must offer individuals the opportunity to choose (opt out) whether their personal information to choose (opt out) whether their personal information is (a) to be disclosed to a third party, or (b) to be used is (a) to be disclosed to a third party, or (b) to be used for a purpose that is incompatible with the purposes for a purpose that is incompatible with the purposes for which it was originally collected or subsequently for which it was originally collected or subsequently authorized by the individual. authorized by the individual.
Individuals must be provided with clear and Individuals must be provided with clear and conspicuous, readily available, and affordable conspicuous, readily available, and affordable mechanisms to exercise choice.mechanisms to exercise choice.
![Page 9: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/9.jpg)
9
The Safe Harbor PrinciplesThe Safe Harbor Principles
CHOICE: Sensitive InformationCHOICE: Sensitive Information
For sensitive information (i.e. medical/ health For sensitive information (i.e. medical/ health conditions; racial/ethnic origin; political conditions; racial/ethnic origin; political opinions; religious/ philosophical beliefs; trade opinions; religious/ philosophical beliefs; trade union membership; sex life), individuals must union membership; sex life), individuals must be given affirmative or explicit (opt in) choice be given affirmative or explicit (opt in) choice if the information is to be disclosed to a third if the information is to be disclosed to a third party or used for a purpose other than those party or used for a purpose other than those for which it was originally collected or for which it was originally collected or subsequently authorized.subsequently authorized.
![Page 10: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/10.jpg)
10
The Safe Harbor PrinciplesThe Safe Harbor Principles
(3) ONWARD TRANSFER(3) ONWARD TRANSFER
To disclose information to a third party, To disclose information to a third party, organizations must apply the notice and choice organizations must apply the notice and choice principles.principles.
Notice and Choice are not required for data Notice and Choice are not required for data
transfers to an agent (someone who acts on behalf transfers to an agent (someone who acts on behalf of the transferor) if it is first determined by the of the transferor) if it is first determined by the organization that the agent complies with the safe organization that the agent complies with the safe harbor principles, or is subject to the directive or harbor principles, or is subject to the directive or another adequacy finding, or enters into a written another adequacy finding, or enters into a written agreement with the organizationagreement with the organization..
![Page 11: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/11.jpg)
11
The Safe Harbor PrinciplesThe Safe Harbor Principles
(4) SECURITY(4) SECURITY Organizations creating, maintaining, using or Organizations creating, maintaining, using or
disseminating personal information must take disseminating personal information must take reasonable precautions to protect it from loss, reasonable precautions to protect it from loss, misuse and unauthorized access, disclosure, misuse and unauthorized access, disclosure, alteration and destruction.alteration and destruction.
Organizations must take more care to protect Organizations must take more care to protect
sensitive information, as it is defined in the sensitive information, as it is defined in the principles.principles.
![Page 12: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/12.jpg)
12
The Safe Harbor PrinciplesThe Safe Harbor Principles
(5) DATA INTEGRITY(5) DATA INTEGRITY
Personal information must be relevant for the Personal information must be relevant for the purposes for which it is to be used. An purposes for which it is to be used. An organization may not process personal organization may not process personal information in a way that is incompatible with information in a way that is incompatible with the purposes for which it has been collected or the purposes for which it has been collected or subsequently authorized by the individual. subsequently authorized by the individual.
To the extent necessary for those purposes, an To the extent necessary for those purposes, an organization should take reasonable steps to organization should take reasonable steps to ensure that data is reliable for its intended use, ensure that data is reliable for its intended use, accurate, complete, and current.accurate, complete, and current.
![Page 13: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/13.jpg)
13
The Safe Harbor PrinciplesThe Safe Harbor Principles
(6) ACCESS (6) ACCESS
Individuals must have access to personal Individuals must have access to personal information about them that an organization information about them that an organization holds and be able to correct, amend, or delete holds and be able to correct, amend, or delete that information where it is inaccurate, except that information where it is inaccurate, except where the burden or expense of providing where the burden or expense of providing access would be disproportionate to the risks access would be disproportionate to the risks to the individual’s privacy in the case in to the individual’s privacy in the case in question, or where the rights of persons other question, or where the rights of persons other than the individual would be violated.than the individual would be violated.
![Page 14: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/14.jpg)
14
The Safe Harbor PrinciplesThe Safe Harbor Principles
(7) ENFORCEMENT(7) ENFORCEMENT
1.1. Follow-up procedures for Follow-up procedures for verifyingverifying that safe that safe harbor policies and mechanisms have been harbor policies and mechanisms have been implemented;implemented;
2.2. Readily available and affordable independent Readily available and affordable independent recourse mechanismsrecourse mechanisms to investigate and resolve to investigate and resolve complaints brought by individuals;complaints brought by individuals;
3.3. Obligations to Obligations to remedyremedy problems arising out of a problems arising out of a failure by the organization to comply with the failure by the organization to comply with the principles.principles.
![Page 15: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/15.jpg)
15
DIRECT COMPLIANCE WITH DIRECT COMPLIANCE WITH
THE EU DIRECTIVETHE EU DIRECTIVE
CONSENTCONSENT
ENTERING INTO A MODEL ENTERING INTO A MODEL
CONTRACTCONTRACT
Other Ways To Comply Other Ways To Comply With The Directive:With The Directive:
![Page 16: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/16.jpg)
16
Safe Harbor: Safe Harbor: Next StepsNext Steps
Mid-Year ReviewMid-Year Review ““Visual” ComplianceVisual” Compliance Financial Service NegotiationsFinancial Service Negotiations DPA VisitDPA Visit EU Directive ReviewEU Directive Review
![Page 17: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/17.jpg)
17
CONCLUSIONCONCLUSION
Additional resources are available on Additional resources are available on the safe harbor website the safe harbor website www.export.gov/safeharborwww.export.gov/safeharbor
• Safe Harbor List (updated regularly)Safe Harbor List (updated regularly)• Safe Harbor WorkbookSafe Harbor Workbook• Safe Harbor Documents (including Safe Harbor Documents (including
Principles, FAQ’s, correspondence)Principles, FAQ’s, correspondence)• Historical Documents (including Historical Documents (including
public comment) public comment)
![Page 18: 香港六合彩 » SlideShare](https://reader036.fdocuments.in/reader036/viewer/2022082921/555e7e72d8b42abd468b49ef/html5/thumbnails/18.jpg)
18
Contact InformationContact Information
Patricia Sefcik, DirectorPatricia Sefcik, Director
Office of Electronic Commerce Office of Electronic Commerce International Trade Administration International Trade Administration
U.S. Department of CommerceU.S. Department of CommerceRoom 2003Room 200314th & Constitution Avenues, NW14th & Constitution Avenues, NWWashington, DC 20230Washington, DC 20230
Tel: (202) 482-0216Tel: (202) 482-0216Fax: (202) 482-5522Fax: (202) 482-5522E-Mail: [email protected]: [email protected]