Professional Documents
Culture Documents
The U.S.-E.U. Safe Harbor Framework: Cross Border Data Flows, Data Protection, and Privacy
The U.S.-E.U. Safe Harbor Framework: Cross Border Data Flows, Data Protection, and Privacy
Safe Harbor
Framework
Damon Greer
Safe Harbor Program
October 15, 2007
Different Approaches to Data Privacy Why it
matters
2
Adequacy via the Safe Harbor
3
7 Safe Harbor Principles (SHFIPPs)
• NOTICE
• CHOICE
• SECURITY
• ONWARD TRANSFER
• DATA INTEGRITY
• ACCESS
• ENFORCEMENT
4
Where to Find Safe Harbor Information
5
Compliance & Enforcement
• Results:
No referrals and no complaints filed with the EU DPAs.
TRUSTe, BBB, DMA, and others report internal complaints
resolved!
6
Other Options for Meeting the EU Directive’s
Requirements
• Joining Safe Harbor is not the only means of meeting the EU
Directive’s requirements
“Unambiguous” consent
Necessary to perform contract
Codes of Conduct
Model Contract Clauses
Direct compliance/registration with EU Authorities
http://ec.europa.eu/justice_home/fsj/privacy/index_en.htm
7
Since 2000, we’ve built credibility and
confidence in Safe Harbor in the E.U.
8
Moving Forward — The Challenge Continues
9
Safe Harbor Program Membership
2000 – Oct. 2007
300
250 244
223
211
204
200
154 HR
150 143 Non-HR
Total
109
100
50
6
0
2000 2001 2002 2003 2004 2005 2006 2007
10
Safe Harbor Program – Top 20 Industries
Biotechnology - (BTC) 26
11
For additional information or questions
Contact me at:
Damon C. Greer
U.S. Department of Commerce
HCHB 2003
1401 Constitution Avenue, N.W.
Washington, D. C. 20230
Telephone: (202) 482-5023; Fax: (202) 482-5522
Email: damon.greer@mail.doc.gov
12