Your SlideShare is downloading. ×
0
STEPS TO PREPARE FOR TRUSTe
EU CERTIFICATION
Michelle Hines
VP of Sales, TRUSTe
Jay Cline
President, Minnesota Privacy Con...
2
AGENDA
SAFE HARBOR
REQUIREMENTS
TRUSTE
REQUIREMENTS
WATCHDOG
DISPUTE
RESOLUTION
Comparison of EU Data-Transfer Compliance Options
WHY THE SAFE HARBOR?
• For companies with simple & stable transatlantic ...
FAQ 7 - Verification
Q: How do organizations provide follow up procedures for verifying that the
attestations and assertio...
FAQ No 11: Dispute Resolution and Enforcement
Q: How should the dispute resolution requirements of the Enforcement
Princip...
DOC SAFE HARBOR LIST
http://www.export.gov/safeharbor/sh_overview.html
9
DISPUTE RESOLUTION COMPARISON
Dispute Resolution
Option
Advantage
EU Data Protection
Authorities
• Public
• Decisions made...
11
TRUSTe E.U. SAFE HARBOR SEAL PROGRAM
• Verisign
• Audible
• Harris Interactive
• LinkedIn
• Launched in 2001
• 145 lice...
TRUSTe CERTIFICATION PROCESS
Your organization fills out a TRUSTe contract and self-
assessment incorporating all Safe Har...
13
TRUSTe FACILITATES SMOOTH SELF-CERTIFICATION
TRUSTe
helps
companies
fulfill the safe
harbor
principles
Letter of
verifi...
EU SAFE HARBOR REQUIREMENTS – ADDITIONS
TO COMPLIMENT WEB PRIVACY SEAL
Disclosure in privacy statement that company compli...
15
TRUSTe EU SAFE HARBOR SEAL PROGRAM
WATCHDOG DISPUTE RESOLUTION
• Free of charge to consumers
• Easy-to-use online form
...
16
WATCHDOG COMPLAINTS
• Resolve approximately 5,000 per year directly
– Also offer “self help” through Web site
• TRUSTe ...
17
EXAMPLES OF TRUSTe WATCHDOGS
1. A complainant filed a complaint against an EU-Online sealholder indicating that
someone...
18
COMPLIANCE AND ENFORCEMENT TOOLBOX
• Certification:
– 90% improve practices
• Watchdog Dispute Resolution
– 100% resolu...
DEMONSTRATING EU COMPLIANCE
19
20
1
2
3
TESTIMONIALS
“Being a member of TRUSTe’s EU Safe Harbor Program gives
us additional tools in our pursuit of meeting world-...
ABOUT TRUSTe
• Independent trust authority headquartered in San Francisco
– Formed in 1997 by EFF, CommerceNet, and a numb...
23
CONTACT INFORMATION
Michelle Hines
VP of Sales, TRUSTe
+1.415.520.3402
mhines@truste.org
www.truste.org
Jay Cline
Presi...
Steps to prepare for TRUSTe EU certification
Steps to prepare for TRUSTe EU certification
Steps to prepare for TRUSTe EU certification
Upcoming SlideShare
Loading in...5
×

Steps to prepare for TRUSTe EU certification

1,320

Published on

How do organizations provide follow up procedures for verifying that the
attestations and assertions they make about their safe harbor privacy
practices are true and those privacy practices have been implemented as
represented and in accordance with the Safe Harbor Principles?

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,320
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
10
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "Steps to prepare for TRUSTe EU certification"

  1. 1. STEPS TO PREPARE FOR TRUSTe EU CERTIFICATION Michelle Hines VP of Sales, TRUSTe Jay Cline President, Minnesota Privacy Consultants
  2. 2. 2 AGENDA SAFE HARBOR REQUIREMENTS TRUSTE REQUIREMENTS WATCHDOG DISPUTE RESOLUTION
  3. 3. Comparison of EU Data-Transfer Compliance Options WHY THE SAFE HARBOR? • For companies with simple & stable transatlantic dataflows
  4. 4. FAQ 7 - Verification Q: How do organizations provide follow up procedures for verifying that the attestations and assertions they make about their safe harbor privacy practices are true and those privacy practices have been implemented as represented and in accordance with the Safe Harbor Principles? 7 http://www.export.gov/safeharbor/SH_FAQ7.asp
  5. 5. FAQ No 11: Dispute Resolution and Enforcement Q: How should the dispute resolution requirements of the Enforcement Principle be implemented, and how will an organization's persistent failure to comply with the Principles be handled? 8 http://www.export.gov/safeharbor/FAQ11FINAL.htm
  6. 6. DOC SAFE HARBOR LIST http://www.export.gov/safeharbor/sh_overview.html 9
  7. 7. DISPUTE RESOLUTION COMPARISON Dispute Resolution Option Advantage EU Data Protection Authorities • Public • Decisions made by a DPA are binding TRUSTe • Information disclosed in Watchdog process is confidential • Transparent, fair and equitable Other governmental authorities Public
  8. 8. 11 TRUSTe E.U. SAFE HARBOR SEAL PROGRAM • Verisign • Audible • Harris Interactive • LinkedIn • Launched in 2001 • 145 licensees • Millions of consumers • Notable members:
  9. 9. TRUSTe CERTIFICATION PROCESS Your organization fills out a TRUSTe contract and self- assessment incorporating all Safe Harbor Privacy Principles TRUSTe conducts an initial site walkthrough and provides a set of written recommendations in the form of a site findings report You implement recommendations on your Web site TRUSTe awards you privacy seals. Display these where you collect information to build confidence with customers TRUSTe ensures ongoing compliance and monitoring with MAXAMINE scanning and the TRUSTe Watchdog Dispute Resolution System 12
  10. 10. 13 TRUSTe FACILITATES SMOOTH SELF-CERTIFICATION TRUSTe helps companies fulfill the safe harbor principles Letter of verification to self-certify with DOC Offers 3rd Party Dispute Resolution with the Watchdog Program Provides a consumer facing seal demonstrating EU compliance
  11. 11. EU SAFE HARBOR REQUIREMENTS – ADDITIONS TO COMPLIMENT WEB PRIVACY SEAL Disclosure in privacy statement that company complies with the EU Safe Harbor Framework. Disclose in privacy statement timeframe in which company will respond to an access request for the purpose of correcting and updating inaccuracies. TRUSTe requires Program Participants to respond within 30 days. Provide a mechanism to request deletion of inaccurate data and disclose in the privacy statement how to request deletion. 14
  12. 12. 15 TRUSTe EU SAFE HARBOR SEAL PROGRAM WATCHDOG DISPUTE RESOLUTION • Free of charge to consumers • Easy-to-use online form • Transparent, fair and equitable • Complaints for offline data can be submitted by mail or fax • Monthly Watchdog reports available on TRUSTe Web site • 86% would recommend using Watchdog to a friend
  13. 13. 16 WATCHDOG COMPLAINTS • Resolve approximately 5,000 per year directly – Also offer “self help” through Web site • TRUSTe works with consumer and the sealholder to resolve issues • Critical input to monitoring process • Watchdogs can assist in identifying trends – potential threats • Goal: Improve Consumer Trust Note: TRUSTe Watchdog Complaints
  14. 14. 17 EXAMPLES OF TRUSTe WATCHDOGS 1. A complainant filed a complaint against an EU-Online sealholder indicating that someone else had created an online profile pretending to be them. TRUSTe forwarded the complaint to the sealholder, and the sealholder deleted the profile as requested. 2. A complainant filed a complaint against an EU-Online sealholder requesting that they be unsubscribed from all mailings. TRUSTe forwarded the complaint to the sealholder, and the sealholder promptly replied that they had processed the unsubscribe request. 3. A complainant filed a complaint that they were unable to close their account because they are no longer at the e-mail address they used to create their account. TRUSTe forwarded the complaint to the sealholder, who quickly responded and notified TRUSTe that they had closed the account.
  15. 15. 18 COMPLIANCE AND ENFORCEMENT TOOLBOX • Certification: – 90% improve practices • Watchdog Dispute Resolution – 100% resolution • Proactively monitor – Scanning: 50% fail and then fix – Email Seeding
  16. 16. DEMONSTRATING EU COMPLIANCE 19
  17. 17. 20 1 2 3
  18. 18. TESTIMONIALS “Being a member of TRUSTe’s EU Safe Harbor Program gives us additional tools in our pursuit of meeting world-class privacy standards. Conversely, TRUSTe’s seals on our web pages help give site visitors the confidence of knowing that we take privacy seriously.” - Patrick Manzo, Vice President of Compliance and Fraud Protection, Monster “It is critical that we abide by the Safe Harbor framework when dealing with business customers in Europe. Our display of TRUSTe’s EU seal marks our compliance with the EU framework and shows that we take customer data handling seriously. It makes selling our services that much easier.” - David Stark, Privacy Officer, North America, TNS 21
  19. 19. ABOUT TRUSTe • Independent trust authority headquartered in San Francisco – Formed in 1997 by EFF, CommerceNet, and a number of leading Internet companies - Microsoft, Intel, IBM, AOL, Excite – Washington, DC gov’t affairs office • Mission: Advancing Privacy and Trust for the Networked World – Widely accepted privacy best practices – Elevate responsible players – Help consumers identify who they can trust – Supplement legislation and regulation – Address emerging privacy vulnerabilities and threats
  20. 20. 23 CONTACT INFORMATION Michelle Hines VP of Sales, TRUSTe +1.415.520.3402 mhines@truste.org www.truste.org Jay Cline President, Minnesota Privacy Consultants +1.763.498.2237 cline@minnesotaprivacy.com http://www.minnesotaprivacy.com/ Joanne Furtsch Senior Privacy Architect +1.415.520.3409 jfurtsch@truste.org www.truste.org
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×