Group items tagged

"On October 6, 2009, the Federal Trade Commission ("FTC") announced proposed settlement agreements with six companies over charges that they falsely claimed membership in the U.S. Department of Commerce Safe Harbor program. In six separate complaints, the FTC alleged that ExpatEdge Partners LLC, Onyx Graphics, Inc., Directors Desk LLC, Collectify LLC, and Progressive Gaitways LLC deceived consumers by representing that they maintained current certifications to the Safe Harbor program when such certifications had previously lapsed. The terms of the proposed settlement agreements prohibit the companies from misrepresenting their membership in any privacy, security or other compliance program. The six enforcement actions are significant as they mark a considerable uptick in the FTC's enforcement related to the Safe Harbor program. The FTC recently brought its first enforcement action relevant to the program, which is detailed in our post titled FTC's First Safe Harbor Enforcement Action. The European Union Data Protection Directive requires EU Member States to implement legislation that prohibits the transfer of personal data outside the EU unless the EU has made a determination that the laws of the recipient jurisdiction are substantially equivalent to those of the EU, and thus provide "adequate" protection for personal data. Because the EU has determined that laws of the United States do not meet its adequacy standard, the U.S. Department of Commerce and the EU developed the Safe Harbor Framework, which went into effect in November 2000. The Safe Harbor Program allows participating U.S. companies under the jurisdiction of the FTC or the U.S. Department of Transportation to transfer personal data lawfully from the EU. To join the Safe Harbor, a company must self-certify to the U.S. Department of Commerce that it complies with seven principles that have been deemed to meet the EU's adequacy standard. To maintain its certification to the Safe Harbor

"Recently, the Federal Trade Commission (FTC) has gotten tough with US companies that have not lived up to their own privacy promises to European consumers. In particular, it has filed complaints against seven US companies that claimed that they were adhering to the European Union's Safe Harbor Program, but allegedly were not. (The FTC issues or files a complaint when it has "reason to believe" that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest. The complaints themselves are not a finding or ruling that the named parties have violated the law.) By taking action, the FTC has shown that the Safe Harbor program, as applied to US companies, is not a set of empty promises. Rather, the FTC is keeping watch over businesses and will sanction those that misrepresent their own policies. In this column, I will explain how the Safe Harbor program works, and also discuss the recent FTC enforcement actions."

The Securities and Exchange Commission announced Wednesday that it has reopened the public comment period on a proposal for a model privacy form that financial institutions could use to provide disclosures required by the Gramm-Leach-Bliley Act (GLBA). The commission is reopening the comment period in order to solicit public comment on the results of recent quantitative consumer testing conducted to evaluate the form. In March 2007, pursuant to the Financial Services Regulatory Relief Act of 2006, the SEC, together with seven other federal regulators, proposed a model privacy form designed to allow consumers easily to compare privacy practices of financial institutions. The jointly developed model form uses easily readable type font and is designed to be succinct and comprehensible. Under the proposal, financial institutions that chose to use the model privacy form would satisfy GLBA disclosure requirements and could take advantage of a legal "safe harbor." The SEC has reopened the comment period on the proposal to provide all persons who are interested in this matter an opportunity to comment on the results of the recent testing of the model privacy form.

Like this http://cheaptravelbooker.com Like this http://cheaptravelbooker.com like this http://killdo.de.gg travel,hotel,fun,hotel new,new offer,hotel best,best hotel,hotel travel,seo,backlinks,edu,gov,ads,indexing,bookmark,killgoggle,gogglesuck,goggle bookmark,kill goggle,yahoo,bing,indexing,quality links,linkwell,traffic boster,index best

The European Commission has prepared a set of questions and answers as well as a flowchart to help companies understand when they can and when they cannot send personal data abroad. The European Union's Data Protection Directive protects the personal data of EU citizens from abuse and misuse. Organisations have a duty to protect it, and that means ensuring that it is not sent to countries with poor data protection. The Directive says that data can be sent to another country "only if... the third country in question ensures an adequate level of protection". Only a handful of countries have been deemed acceptable destinations for data by the European Commission. Those are Switzerland, Canada, Argentina, the Bailiwick of Guernsey, the Isle of Man, the Bailiwick of Jersey and the US, when the data's treatment is in the Safe Harbor Privacy Principles of the US Department of Commerce The advice has been prepared by the Data Protection Unit of the Directorate-General for Justice, Freedom and Security at the European Commission. It is designed particularly to help small and medium sized companies to understand the law when it comes to transferring personal data outside of the European Economic Area (EEA). The guidance points out that in order for a transfer to be legal, data has to be properly handled in the first place according to the data protection laws of the country where the processing organisation is established. If the transfer is to a country not listed as having adequate data protections in place, a transfer can still take place, the guidance says, but only if "the data controller offers 'adequate safeguards with respect to the protection of the privacy and fundamental rights and freedoms of individuals and as regards the exercise of the corresponding rights'," says the guidance, quoting the Directive. "These safeguards may result from appropriate contractual clauses, and more particularly from standard contractual clauses issued by the Commission," it sai