香港六合彩

1,138 views

Published on

港六合彩做铒,钓鳄鱼,只为了亲人的安全。

香港六合彩不允许这群人再度威胁到众人的生命,索性一次性解决掉——这是香港六合彩的风格,更是卓远之做事的原则。

所有的计划在执行的过程中一点一滴显山露水,香港六合彩在冒险,不拿卓冠堂冒险,不拿众弟兄的生命冒险,香港六合彩在玩自己的命!

一片黑暗中,乾坤剑,这把黄金剑所显示出的亮度足以吸引嗜血的恶魔向它靠近。

之前以为香港六合彩拿大家的命在玩,没有人支持香港六合彩的计划。如今看懂了香港六合彩的计划,更没有人支持香港六合彩了。

众护卫不愿意眼睁睁地看着少堂主所珍爱的人,这个聪明又勇敢的小女人为卓冠堂、为大家送命。

之雾小姐,您不能这样做。您这是拿命冒险,身为护卫,香港六合彩必须保证您的安全,否则香港六合彩没法向少堂主交代。现在我代少堂主行使指挥权,香港六合彩必须彻底服从命令。之雾没心思再跟香港六合彩解释。如果换作卓远之,也许香港六合彩就不会有如此多的顾虑吧!在众人的眼中,卓远之是没有克服不了的困难的,香港六合彩完全有能力保护自己,不需要大家担心——香港六合彩也想做众人眼中的卓远之,哪怕只有这一夜。

香港六合彩坚定的目光即使在黑夜中仍炯炯有神,让众人无力抗拒,只有彻底地服从。

听!有动静!那是杀气靠近的声音!

最后的战役即将到来,之雾站在众人中间,平静地拿起与卓冠堂下属九个分堂同时通话的对讲机。

我是幸之雾,我以少堂主夫人的名义命令卓冠堂下属九个分堂派人包围邀海轩,将所有闯入者一次性歼灭。

卓远之,如果你处在我的

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,138
On SlideShare
0
From Embeds
0
Number of Embeds
10
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

香港六合彩

  1. 1. The Safe Harbor Framework Information Technology Association of America (ITAA) Webcast February 16, 2001 Presented by: Patricia M. Sefcik and Jeff Rohlmeier, U.S. Department of Commerce
  2. 2. Introduction: The European Union Directive on Data Protection <ul><li>The U.S. and the EU have different approaches to data privacy protection </li></ul><ul><li>U.S. system based on: </li></ul><ul><li>- Self-Regulation </li></ul><ul><li>- Sector specific legislation in highly sensitive areas such as financial, medical, children’s and genetic information </li></ul><ul><li>European system is based on comprehensive legislation </li></ul>
  3. 3. Introduction (continued) <ul><li>October 1998, EU’s sweeping privacy directive went into effect </li></ul><ul><li>EU directive prohibits the transfer of personal data to non-EU countries that do not provide “adequate” privacy protection </li></ul><ul><li>EU directive covers all industry sectors and virtually all personal data </li></ul><ul><li>European authorities could legally stop data flows at any time </li></ul>
  4. 4. Introduction (continued) <ul><li>Implications of EU directive: </li></ul><ul><li>- In 1999, the U.S. had approximately $350 billion in trade with the EU </li></ul><ul><li>- Over $120 billion in two-way trade with EU is dependent upon access to personal information </li></ul><ul><li>U.S. and EU are committed to bridging different approaches to privacy while maintaining data flows and high level of privacy protection </li></ul>
  5. 5. Introduction (continued) <ul><li>Safe Harbor Framework: Based on 7 principles that closely reflect the U.S. approach to privacy </li></ul><ul><li>July 2000: Safe Harbor principles are deemed adequate by European Commission </li></ul><ul><li>November 1, 2000: </li></ul><ul><li>- Safe Harbor becomes effective </li></ul><ul><li>- DOC launches safe harbor website at http://www.export.gov/safeharbor </li></ul>
  6. 6. Part I: Overview of the Safe Harbor Framework <ul><li>Safe Harbor Framework includes: </li></ul><ul><li>- 7 privacy principles (see Part II of presentation) </li></ul><ul><li>- 15 FAQ’s </li></ul><ul><li>- European Commission’s adequacy determination </li></ul><ul><li>- Letters between Dept. of Commerce and European Commission </li></ul><ul><li>- Letters from Dept. of Transportation and Federal Trade Commission </li></ul>
  7. 7. Overview of Safe Harbor Framework (continued) <ul><li>Understanding safe harbor requires familiarity with all safe harbor documents (http://www.export.gov/safeharbor) </li></ul><ul><li>Decisions by U.S. organizations to enter the safe harbor are entirely voluntary </li></ul><ul><li>A “stand-still” agreement between U.S. and EU remains in effect </li></ul><ul><li>mid-2001: Review of safe harbor will take place; stand-still will be reassessed </li></ul>
  8. 8. Overview of Safe Harbor Framework (continued) <ul><li>Benefits of Implementing the Safe Harbor Framework: </li></ul><ul><li>- Predictability and Continuity (all 15 Member States bound by adequacy determination) </li></ul><ul><li>- Eliminates need for prior approval to begin data transfers </li></ul><ul><li>- Flexible privacy regime more congenial to U.S. approach </li></ul><ul><li>- Simpler/more efficient means of compliance </li></ul>
  9. 9. Overview of Safe Harbor Framework (continued) <ul><li>What organizations may join safe harbor?: </li></ul><ul><li>- U.S. organizations subject to jurisdiction of the FTC or the Dept. of Transportation </li></ul><ul><li>- Financial services, telecommunications (common carriers) and not-for-profits are currently ineligible </li></ul><ul><li>- Treasury Department, in consultation with DOC, leading negotiations concerning financial services </li></ul>
  10. 10. Overview of Safe Harbor Framework (continued): <ul><li>What organizations should join Safe Harbor?: </li></ul><ul><li>- Organizations that receive personally identifiable information from EU member states must demonstrate “adequate” privacy protections </li></ul><ul><li>- Organizations that have not identified another basis for demonstrating “adequacy” should consider joining safe harbor </li></ul>
  11. 11. Overview of Safe Harbor Framework (continued) <ul><li>Joining safe harbor is not the only means of compliance with the EU “adequacy” requirement. </li></ul><ul><li>Other methods of compliance include: </li></ul><ul><li>- direct compliance with EU directive </li></ul><ul><li>- consent </li></ul><ul><li>- entering into a model contract (not yet available) </li></ul>
  12. 12. Overview of Safe Harbor Framework (continued) <ul><li>How Do Organizations Join Safe Harbor?: </li></ul><ul><li>- Organizations must comply with the framework’s requirements and publicly declare that they do so </li></ul><ul><li>- To be assured of safe harbor benefits, an organization needs to self-certify annually to the DOC </li></ul><ul><li>- Organizations may self-certify either by letter or by registering on the safe harbor website at http://www.export.gov/safeharbor (see Part III of presentation) </li></ul>
  13. 13. Overview of Safe Harbor Framework (continued) <ul><li>How and Where will Safe Harbor be Enforced?: </li></ul><ul><li>- In general, enforcement will take place in U.S, in accordance with U.S. law, and will rely, to a great extent, on private sector enforcement. </li></ul><ul><li>- Private sector enforcement has three components: Verification, Dispute Resolution, and Remedies (see Part II of presentation) </li></ul>
  14. 14. Overview of Safe Harbor Framework (continued) <ul><li>Failure to Comply with Safe Harbor Requirements: </li></ul><ul><li>- If an organization persistently fails to comply with safe harbor requirements, it is no longer entitled to safe harbor benefits </li></ul><ul><li>- Independent recourse mechanisms are required to notify DOC of such facts. Safe Harbor list will indicate failure to comply. </li></ul><ul><li>- Failure to comply may also result in an enforcement action by the FTC or DoT </li></ul>
  15. 15. Part II: The Safe Harbor Principles <ul><li>An organization entering the safe harbor must adhere to 7 privacy principles: </li></ul><ul><li>- Notice </li></ul><ul><li>- Choice </li></ul><ul><li>- Onward Transfer </li></ul><ul><li>- Security </li></ul><ul><li>- Data integrity </li></ul><ul><li>- Access </li></ul><ul><li>- Enforcement </li></ul>
  16. 16. The Safe Harbor Principles (continued) <ul><li>Notice : </li></ul><ul><li>- Inform individuals about the purpose for which the information is being collected </li></ul><ul><li>- Inform individuals about how to contact the organizations with inquiries or complaints </li></ul><ul><li>- Provide information on the types of third parties to which information is being disclosed, and the choices and means offered for limiting its use and disclosure </li></ul>
  17. 17. The Safe Harbor Principles (continued) <ul><li>Choice: </li></ul><ul><li>- An organization must offer individuals the opportunity to choose (opt out) whether their personal information is (a) to be disclosed to a third party, or (b) to be used for a purpose that is incompatible with the purposes for which it was originally collected or subsequently authorized by the individual. </li></ul><ul><li>- Individuals must be provided with clear and conspicuous, readily available, and affordable mechanisms to exercise choice. </li></ul>
  18. 18. The Safe Harbor Principles (continued) <ul><li>Sensitive Information : </li></ul><ul><li>- For sensitive information (i.e. medical/ health conditions; racial/ethnic origin; political opinions; religious/ philosophical beliefs; trade union membership; sex life), individuals must be given affirmative or explicit (opt in) choice if the information is to be disclosed to a third party or used for a purpose other than those for which it was originally collected or subsequently authorized In any case, an organization should treat as sensitive any information received from a third party where the third party treats and identifies it as sensitive. </li></ul>
  19. 19. The Safe Harbor Principles (continued) <ul><li>Onward Transfer: </li></ul><ul><li>- To disclose information to a third party, organizations must apply the notice and choice principles. </li></ul><ul><li>- Notice and Choice are not required for data transfers to an agent (someone who acts on behalf of the transferor) if it is first determined by the organization that the agent complies with the safe harbor principles, or is subject to the directive or another adequacy finding, or enters into a written agreement with the organization . </li></ul>
  20. 20. The Safe Harbor Principles (continued) <ul><li>Security : </li></ul><ul><li>- Organizations creating, maintaining, using or disseminating personal information must take reasonable precautions to protect it from loss, misuse and unauthorized access, disclosure, alteration and destruction </li></ul><ul><li>- Organizations must take more care to protect sensitive information, as it is defined in the principles. </li></ul>
  21. 21. The Safe Harbor Principles (continued) <ul><li>Data Integrity : </li></ul><ul><li>- Personal information must be relevant for the purposes for which it is to be used. An organization may not process personal information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual. </li></ul><ul><li>- To the extent necessary for those purposes, an organization should take reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current. </li></ul>
  22. 22. The Safe Harbor Principles (continued) <ul><li>Access: </li></ul><ul><li>- Individuals must have access to personal information about them that an organization holds and be able to correct, amend, or delete that information where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated. </li></ul>
  23. 23. The Safe Harbor Principles (continued): <ul><li>Enforcement : </li></ul><ul><li>- Organizations must have the following enforcement mechanisms in place: </li></ul><ul><li>(1) readily available and affordable independent recourse mechanisms to investigate and resolve complaints brought by individuals </li></ul><ul><li>(2) Follow-up procedures for verifying that safe harbor policies and mechanisms have been implemented </li></ul><ul><li>(3) Obligations to remedy problems arising out of a failure by the organization to comply with the principles </li></ul>
  24. 24. The Safe Harbor Principles (continued) <ul><li>Verification : </li></ul><ul><li>- An organization may use a self-assessment or an outside/third-party assessment program. </li></ul><ul><li>- Under self-assessment, a statement verifying the self-assessment should be signed by a corporate officer or other authorized representative at least once a year. </li></ul><ul><li>- Under outside assessment, a verification statement should be signed either by the reviewer or by the corporate officer/authorized representative at least once a year. </li></ul>
  25. 25. The Safe Harbor Principles (continued) <ul><li>Dispute Resolution : </li></ul><ul><li>- Organizations may choose to have disputes resolved by third-party dispute resolution programs, such as (TRUSTe, BBBOnLine, DMA. AICPA WebTrust, JAMS/Endispute, Entertainment Software Rating Board, etc.), or they may choose to cooperate with the European Data Protection Authorities (DPA’s). </li></ul><ul><li>- In the case of human resources data, the organization must agree to cooperate with the DPA’s. </li></ul>
  26. 26. The Safe Harbor Principles (continued) <ul><li>For more guidance on the safe harbor principles, consult http://www.export.gov/safeharbor: </li></ul><ul><li>- Safe Harbor FAQ’s </li></ul><ul><li>- Safe Harbor Workbook </li></ul>
  27. 27. Part III: The Safe Harbor Website and Self-Certification Procedure <ul><li>Organizations that decide to join the safe harbor may do so by: </li></ul><ul><li>- Self-certifying via the Department of Commerce’s safe harbor website at http://www.export.gov/safeharbor; or by </li></ul><ul><li>- Sending the Department of Commerce a letter </li></ul><ul><li>Once received, the information submitted will be reviewed for completeness. </li></ul>
  28. 28. Website and Self-Certification Procedure (continued) <ul><li>Review for completeness should take approximately 48 hours. </li></ul><ul><li>Process make take longer depending on need for clarification. </li></ul><ul><li>Always be sure to make certain that all fields on certification form have been completed. </li></ul><ul><li>Keep copies for self-certification materials for your records. </li></ul>
  29. 29. Website and Self-Certification Procedure (continued) <ul><li>Additional resources available on the safe harbor website: </li></ul><ul><li>- Safe Harbor List (updated regularly) </li></ul><ul><li>- Safe Harbor Workbook </li></ul><ul><li>- Safe Harbor Documents (including Principles, FAQ’s, correspondence) </li></ul><ul><li>- Historical Documents (including public comment) </li></ul><ul><li>- Compliance Checklist </li></ul>
  30. 30. Conclusion <ul><li>Safe Harbor Framework is a streamlined, efficient means of complying with EU Directive on Data Protection </li></ul><ul><li>Safe Harbor is entirely voluntary </li></ul><ul><li>Organizations may sign up via the Department of Commerce’s safe harbor website (http://www.export.gov/safeharbor, or by sending the Department a letter </li></ul>
  31. 31. Contact Information <ul><li>Questions, comments may be directed to: </li></ul><ul><li>Jeff Rohlmeier </li></ul><ul><li>U.S. Department of Commerce </li></ul><ul><li>International Trade Administration </li></ul><ul><li>Office of Electronic Commerce </li></ul><ul><li>HCHB 2003 </li></ul><ul><li>14th & Constitution Avenues, NW </li></ul><ul><li>Washington, DC 2003 </li></ul><ul><li>PH: (202)482-0343 </li></ul><ul><li>E-Mail: jeff_rohlmeier@ita.doc.gov </li></ul>

×