The rationale behind the draft report is to address consumer
privacy concerns with a view to driving e-commerce. Differences
between national data protection laws impede the free movement of
personal data across borders. The report addresses the best way
round these privacy obstacles, both managerially and
technically.
The main recommendations in the report are:
- Establish a common European set of Best Practices for data
protection and make this available for free or at low cost to help
businesses and data managers ensure that they are compliant with
the Data Protection Directive and, where appropriate, the diverse
European national laws and additional requirements.
- Do not initiate management standards, especially in the sense
of those requiring a formal certification for which large parts of
the market do not appear ready. Instead, await current developments
in the Consumer Policy Committee of the International Organisation
for Standardisation.
- Develop a technical report on data protection principles and
privacy, explaining the technologies used in privacy protection and
the fundamentals of the Directive and national legislation within
Europe.
- Establish a clear set of assessment criteria based on user
requirements which will assist evaluation and understanding of
privacy enhancing technologies.
- Study current data protection auditing practice, discuss with
national Data Protection Commissioners, auditors and legal
practitioners what best practice is in the area, and prepare a
report on the issue.
- Develop a set of common criteria for what Web Seals should
attest to, how that attestation is made, and what audit and
oversight applies.
- Develop a standard set of contract clauses reflecting the
security requirements placed on data controllers by the Data
Protection Act, for example, the requirement that databases
should be protected against hackers.
A committee of the IPSE will consider the draft report at an
open meeting on 27th September to address whether standardisation
would aid privacy. Public comment is requested by 31st August to
giulia.cipressi@cenorm.be.
If you have any questions about how this relates to your
business, you can e-mail info@out-law.com for help.