Friday, April 28, 2006

White & Case LLP - Despite Stricter Rules in Europe, US Companies More Advanced in Protecting Data New Study Compares US and European Corporate Privacy Practices New York, April 25, 2006 ... A new study comparing European and US corporate privacy practices reveals that while European companies impose tighter restrictions on the sharing of sensitive personal data, US companies currently have more sophisticated systems in place to prevent breaches. The study, sponsored by global law firm White & Case as part of its annual Global Privacy Symposium, which will be held Thursday, April 27 in New York, was conducted by the independent privacy think tank Ponemon Institute. The study surveyed 47 US and European multinationals on eight privacy practices, including privacy policy; communications and training; privacy management; data security methods; privacy compliance; choice and consent; cross-national standards; and redress. The survey questions were reviewed by two European data protection authorities, The Information Commissioner's Office of the UK and The Commission Nationale de l'Informatique et des Libertes (CNIL) in France. 12:08:17 PM

InfoSecDaily / Blogs: A comparison of US and European Privacy Practices A new study on "US and European Corporate Privacy Practices" was released two days, and as I constantly monitor the topic knowing EU's stricter information sharing and privacy violations laws comparing to the U.S, thought you might find this useful. To sum up the findings : "European companies are much more likely to have privacy practices that restrict or limit the sharing of customer or employees' sensitive personal information and are also more likely to provide employees with choice or consent on how information is used or shared," said David Bender, head of White & Case's Global Privacy practice." still at the "sharing sensitive information is bad" promotional stage, I feel the research reasonable points out the lack of a systematic technical approach, bureaucracy can also be an issue, but with so many CERTs in Europe there's potential for lots of developments I think. Established in 2004, ENISA is the current body overseeing and guiding the Community towards data protection practices -- slowly, but steadily gaining grounds. "But the research also revealed that US companies are engaging in more security and control-oriented compliance activities than their European counterparts. As a result, US corporations scored higher in five of the eight areas of corporate privacy practice." - structured implementation on a technical level, that is people auditing networks and being accountable in case of not doing so, and privacy policies by default. A little something bringing more insight from the Safe Harbor framework : 12:05:48 PM

Study: Consumers would trade some privacy for convenience. Study: Consumers would trade some privacy for convenience. A majority of consumers around the world would share personal data if they knew the information was securely protected -- and if sharing it would make their lives easier, according to the new study by Unisys Corp. [Computerworld Privacy News] Editor: The problem is that almost all the companies that want the data claim it will be secure(and not shared), but that is hardly ever really true. 11:52:26 AM

© Copyright 2006 Paul Hardwick. Last update: 5/5/06; 11:22:25 PM.