Your SlideShare is downloading. ×
六合彩,香港六合彩 » SlideShare
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

六合彩,香港六合彩 » SlideShare


Published on

张平这时竟放肆的大笑起来,香港六合彩摇着肥硕的头颅,不可思议的望着我说:无计,我可不欠你的吧?三万?三千都没有! …


Published in: Technology


  • 1. Privacy and Security in the Information Age Conference, Melbourne, Australia August 16, 2001 The United States Government’s Approach to Privacy: The EU Directive and the Safe Harbor Framework Patricia M. Sefcik U.S. Department of Commerce
  • 2. Privacy in Europe and the U.S.
    • The European privacy system is based on comprehensive legislation.
    • The U.S. privacy system is based on self regulation and sector specific legislation in highly sensitive areas such as financial, medical, children’s and genetic information.
  • 3. Historical Overview: Safe Harbor
    • OCTOBER 1998
      • EU’s sweeping privacy directive went into effect
    • JULY 2000
      • Safe Harbor principles are deemed adequate
    • NOVEMBER 1, 2000
      • Safe Harbor becomes effective
      • DOC launches safe harbor website
    • JANUARY 4, 2001
      • Official Department of Commerce roll-out
    • JANUARY-AUGUST, 2001
      • Outreach events
  • 4. Safe Harbor Implementation
    • What are the Benefits?
    • Who Can Join and How?
    • How and Where will Safe Harbor be Enforced?
  • 5. The Safe Harbor Framework
    • 7 Privacy Principles
    • 15 FAQ’s
    • European Commission’s adequacy determination
    • Letters between U.S. Dept. of Commerce and the European Commission
    • Letters from U.S. Dept. of Transportation and Federal Trade Commission
  • 6. The 7 Safe Harbor Principles
    • Notice
    • Choice
    • Onward Transfer
    • Security
    • Data Integrity
    • Access
    • Enforcement
  • 7. The Safe Harbor Principles
    • (1) NOTICE
    • Inform individuals about the purpose for which the information is being collected.
    • Inform individuals about how to contact the organizations with inquiries or complaints.
    • Provide information on the types of third parties to which information is being disclosed, and the choices and means offered for limiting its use and disclosure.
  • 8. The Safe Harbor Principles
    • (2) CHOICE
    • An organization must offer individuals the opportunity to choose (opt out) whether their personal information is (a) to be disclosed to a third party, or (b) to be used for a purpose that is incompatible with the purposes for which it was originally collected or subsequently authorized by the individual.
    • Individuals must be provided with clear and conspicuous, readily available, and affordable mechanisms to exercise choice.
  • 9. The Safe Harbor Principles
    • CHOICE: Sensitive Information
    • For sensitive information (i.e. medical/ health conditions; racial/ethnic origin; political opinions; religious/ philosophical beliefs; trade union membership; sex life), individuals must be given affirmative or explicit (opt in) choice if the information is to be disclosed to a third party or used for a purpose other than those for which it was originally collected or subsequently authorized.
  • 10. The Safe Harbor Principles
    • To disclose information to a third party, organizations must apply the notice and choice principles.
    • Notice and Choice are not required for data transfers to an agent (someone who acts on behalf of the transferor) if it is first determined by the organization that the agent complies with the safe harbor principles, or is subject to the directive or another adequacy finding, or enters into a written agreement with the organization .
  • 11. The Safe Harbor Principles
    • (4) SECURITY
    • Organizations creating, maintaining, using or disseminating personal information must take reasonable precautions to protect it from loss, misuse and unauthorized access, disclosure, alteration and destruction.
    • Organizations must take more care to protect sensitive information, as it is defined in the principles.
  • 12. The Safe Harbor Principles
    • Personal information must be relevant for the purposes for which it is to be used. An organization may not process personal information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual.
    • To the extent necessary for those purposes, an organization should take reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current.
  • 13. The Safe Harbor Principles
    • (6) ACCESS
    • Individuals must have access to personal information about them that an organization holds and be able to correct, amend, or delete that information where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
  • 14. The Safe Harbor Principles
    • Follow-up procedures for verifying that safe harbor policies and mechanisms have been implemented;
    • Readily available and affordable independent recourse mechanisms to investigate and resolve complaints brought by individuals;
    • Obligations to remedy problems arising out of a failure by the organization to comply with the principles.
  • 15.
    Other Ways To Comply With The Directive:
  • 16. Safe Harbor: Next Steps
    • Mid-Year Review
    • “ Visual” Compliance
    • Financial Service Negotiations
    • DPA Visit
    • EU Directive Review
    • Additional resources are available on the safe harbor website
    • Safe Harbor List (updated regularly)
    • Safe Harbor Workbook
    • Safe Harbor Documents (including Principles, FAQ’s, correspondence)
    • Historical Documents (including public comment)
  • 18. Contact Information
    • Patricia Sefcik, Director
    • Office of Electronic Commerce
    • International Trade Administration U.S. Department of Commerce
    • Room 2003
    • 14th & Constitution Avenues, NW
    • Washington, DC 20230
    • Tel: (202) 482-0216
    • Fax: (202) 482-5522
    • E-Mail: