U.S. companies not complying with E.U. Safe Harbor rules.
The E.U. privacy directive was passed in 1995 and governs the rules for companies that conduct business in the European Union and handle personally identifiable information. The agreement was negotiated between the United States and the European Union as a compromise for American companies that handle sensitive data from European citizens. The U.S. Department of Commerce is responsible for certifying U.S. company compliance.
"Most companies, according to what I interpreted from this commission staff working document, tried to avoid compliance in any possible way and exploit loopholes of the Safe Harbor," said Cedric Laurant of the Electronic Privacy Information Center (EPIC). "And although they're ... compliant with the letter of Safe Harbor, they haven't complied with the spirit."
The European Commission working report says that U.S. regulatory agencies such as the Department of Commerce and the Federal Trade Commission are being lax in enforcing Safe Harbor.
The commission report does not call for ending Safe Harbor but does recommend that U.S. regulators improve their enforcement efforts.
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||Up front: news, trends & analysis; European Union|
|Publication:||Information Management Journal|
|Article Type:||Brief Article|
|Date:||Jan 1, 2005|
|Previous Article:||British Library to Archive E-mails.|
|Next Article:||U.S. hands out technology grants for healthcare.|