29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY.


1 29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29th INTERNATIONAL CONFERENCE OF DATA PROTECTION AND PRIVACY COMMISSIONERS 29e Conférence internationale des commissaires à la protection de la vie privée

2 Who do you Trust? A Look at Privacy Seals Christine A. Varney Partner Hogan & Hartson LLP Washington, D.C. United States www.cvarney@hhlaw.com

3 Globalization: Who Do you Trust? A Look at Privacy Seals Terra Incognita September 2007 Fran Maier Executive Director, TRUSTe

4 TRUSTe: 10 Years of Impact Web Privacy Seal EU Safe Harbor Seal by authority of the US Department of Commerce Children’s Online Privacy Protection Act Safe Harbor by authority of the US Federal Trade Association Email Privacy Seal beyond legal requirements for legitimate mail Trusted Download Program (beta)

5 Our Sealholders

6 TRUSTe Mission Functioning as an independent trust authority with privacy as our core Serving leading privacy trustmark to elevate responsible players and assure individuals Creating practical solutions to the challenges of trust Benefiting all constituents of the global digital society - consumers, businesses and governments Advancing Privacy & Trust for the Networked World

7 TRUSTe: Trustmarks Essential to the Networked World Individual Privacy is continually challenged as technology and business models evolve Consumers need assurance Businesses need Privacy Compliance and Capability Governments and Regulators looking for Leadership

8 Based on Evolving Standards Rigorous Certification Ongoing Monitoring Consumer Input Broad Oversight Real Rewards Industry Standards Evaluate and Certify Recognize and Reward Improve Consumer Experience Monitoring and Compliance

9 Online independent recourse mechanism for consumers to report Goal is to augment Sealholder’s privacy program, escalate and resolve complaints quickly 86% would recommend using Watchdog to a friend “I loved Adobe beforehand and I love it now. TRUSTe facilitated getting me to the right person to talk to.” Watchdog Dispute Resolution

10 Evaluate websites from many angles: proactive and reactive approach Ongoing Monitoring Technological scans Email “seeding” Reputation monitoring Ongoing reviews Watchdog monitoring Other reviews of blogs, press, consumer postings Approximately 50% of scans discover problems

11 Business Benefit: Audible.com 2% Increase in Engagement Homepage 22% Increase in Order Value Order Page

12 Business Benefit: Eloan 3-5% Increase in Conversions application

13 Building Blocks for Effective Programs 1. Strong Program/Certification Requirements 2. Thorough and impartial audit, more than self assessment 3. Accountability and Enforcement 4. Credible oversight from multiple parties 5. Evolving standards and accountability, ability to address new issues 6. Market Incentives to motivate compliance and participation

14 Why Trustmarks are Now Considered for International Accountability 1. Flexible 2. Practical Knowledge 3. Responsive 4. Rewards and Incentives 5. Independent of Varying Privacy Laws 6. Value-added Intermediary 7. Welcome Oversight

15 Future Forming Advisory Committee to help guide and support TRUSTe’s International Exploration Working with FTC and DOC to support 2008 APEC Pathfinder Continuously improving program requirements, administration, and responsiveness Please contact John Tomaszewski for more info Johnt@truste.org USA: 415 520-3423

16 Contact Information Fran Maier Executive Director & President TRUSTe 685 Market Street, Suite 270 San Francisco, CA 94105 +1.415.520.3418 fran@truste.org www.truste.org

17 European Privacy Seal Kirsten Bock Independent Centre for Privacy Protection ULD Unabhaengiges Landeszentrum fuer Datenschutz Schleswig-Holstein, Germany

18 Privacy Seal Schleswig-Holstein IT product audit Scope: regional privacy and IT-security regulations Voluntary but regulated by law Legal and technical evaluation checked by independent certification body Criteria based on legal regulations 31 accredited experts More than 40 certifications since 2003

19 Certified Products Welfare & employment administration Firewall Data and file destruction SAP testing tools Distributed storage of radiographs Remote file server (encrypted data) PDA system for hospitals Parking using mobile phone Windows Update Service

20 EuroPriSe Project Project funding: 1,3 Mio by EU Duration: June 07 – November 08 Consortium: 9 partners from 8 EU countries Aim: Introduction of a European Privacy Seal certifying that an IT product or service can be deployed in compliance with European data protection regulations Borking Consultancy

21 EuroPriSe Objective A certificate, based on a transparent and revisable procedure supervised by independent authorities or trustees Uniform criteria based on the European Privacy Directives valid throughout the European Member States A positive incentive to develop and deploy privacy compliant and privacy enhancing products and services on the market

22 EuroPriSe Advantages Compliance Acceptance Trust Market advantage

23 EuroPriSe Procedure IT-Product or Service Admitted Experts check Product or Service Granting of Privacy Seal Accredited Certification Body checks Evaluation Report

24 EuroPriSe Criteria Compliant deployment incl. configuration and documentation Principles: – Legitimacy of data processing – Right of the data subject – Transparency & auditability – Data economy – Data avoidance – Data security European Data Protection Directive (95/46/EC) and Directive on privacy and electronic communications (2002/58/EC) Recognition of established standards in IT security (e.g. Common Criteria (ISO 15408:2005)) and IT security management (e.g. ISO 27000 ff.)

25 EuroPriSe Experts Expert admittance procedure – Proof of qualification: legal and/or technical – Training & work specimens – Proof of reliability and independence Publication of trained experts and area of qualification in public register list 1st Expert Workshop in Vienna November 20, 2007

26 European Privacy Seal Board Accreditation and coordination of certification bodies Ensure and sustain consistent procedures on certification & evaluation Ensure and sustain uniform criteria

27 Thank you! Questions? Contact: Kirsten Bock europrise@datenschutzzentrum.de www.european-privacy-seal.eu

