LEFIS ROVANIEMI MEETING 19TH 20TH JANUARY 2007 Privacy In The Web TATYANA STEFANOVA LEX.BG BULGARIA.
-
Upload
britton-crawford -
Category
Documents
-
view
213 -
download
0
description
Transcript of LEFIS ROVANIEMI MEETING 19TH 20TH JANUARY 2007 Privacy In The Web TATYANA STEFANOVA LEX.BG BULGARIA.
LEFIS ROVANIEMI MEETING 19TH 20TH JANUARY 2007
Privacy In The Web
TATYANA STEFANOVALEX.BGBULGARIA
Main Topics
What kind of personal information do internet activities reveal
Legal environment of privacy protection in Bulgaria
Problems Good practices Technological aspects
What kind of internet activities do personal information reveal
Registration forms / On-line application forms / On-line surveys / Interest lists / E-mail subscription forms
Signing up for internet service E-mail Browsing the internet / Search engines Interactive use (Instant Messengers; Internet social
networking sites) Cookies / Web beacons Personal websites and Blogs Managing financial accounts and on-line bill payments
Personal data protection as a part of the right to privacy
• Physical Inviolability• Confidentiality of correspondence• Privacy of the private property• Inviolability of personal information
Legal Environment Of Privacy Protection
The personal data shall be….
• Processes lawfully and in good faith• Collected for concrete, precisely defined and lawful purposes• Proportional, related to and non-exceeding the purposes,
which they are processed for• Precise and in case of necessity to be updated• Deleted or corrected where is found that they are incorrect or
not proportional• Maintained in a status, which allows identification of the
respective natural persons for a period not longer for the purposes, for which these data is processed
Legal Environment Of Privacy Protection
The Rights, Guaranteed By The Law
• Right to access to personal data related to natural person
• Right at any time to require from the administrator of personal data confirmation
• The right at any time to require from the administrator to delete, correct or block his/her personal data
• The right to object before the administrator against the processing of his/her personal data
Problems
Legal and technical protection of internet users’ privacy is at present insufficient
Lack of overall responsibility on the Internet assigned to a certain entity
Industry self-regulation is not working
Good practices to follow
General Terms “Privacy Policy” Section Taking part in exchange programs Requirements for log-in Password protection sections Opt-in/opt-out sections
Good Practices
Netiquette - goals: • Protection of customer rights and establishment of
prerequisites for strengthening the trust of users• Establishment of rules that apply to all,
safeguarding the use of personal data• Establishment of working rules that meet the
particular needs of the data controllers• Filling the gaps in existing legislation thus reducing
the costs of its application• Elaboration of Codes of conduct
Good Practices
Elaboration of Codes of conduct: • Might be part of the general rules of conduct
adopted by a representative organizations applicable in the respective branch of industry or profession, or
• Could be adopted as a separate document• Functional analysis of the work of the respective
business entities• Identification of typical cases of collection and
processing of personal data
Technological Aspects
To develop technical means to improve the users privacy on the Net
To develop design principles for information and communications technology and multimedia hard- and software
Implementing of the Directive for electronic sign Measures against unauthorized access to information,
undertaken by the web service providers For corporate security Domain Controller, DNS, Proxy Server
(URL Filters, Content protection, Anti Virus, Anti Spam, Data Security), encryption technologies ("SSL" encryption certificate)