Aug
27
2015

Survey Compares American and British Opinions on the ‘Right to be Forgotten’

Right to be Forgotten

Right to be Forgotten

It can be a thin line between censorship and human rights – at least, according to the opinions of online Americans and British Internet users in a recent survey about the ‘Right to be Forgotten’ ruling.

The ‘Right to be Forgotten’ ruling stipulates that “individuals have the right, under certain conditions, to ask search engines to remove links with personal information about them. This applies where the information is inaccurate, inadequate, irrelevant or excessive for the purposes of the data processing.”

According to a new survey by TRUSTe, 69% of American online adults say that the ‘Right to be Forgotten’ is a human right, while slightly fewer British Internet users – 64%, say the same.

The survey showed feelings of American Internet users compared with British Internet users are slightly different when it comes to the practicality of the ‘Right to be Forgotten’ – while 24% of British Internet users think the ruling is not practical, only 16% of Americans say the same. An even greater difference is how people in Britain feel about the impact of the ruling on censorship. When asked if they think the ‘Right to be Forgotten’ ruling allows for censorship, 44% of British online adults said “yes” while only 29% of Americans felt the same.

However, the results were quite similar when it came to questions about what type of information they would request removed from company databases. Fifty-two percent of Americans and 55% in Britain said they would request to have their phone number removed, followed by their address (41% of Americans, 34% of British Internet users).

You can read the full U.S. press release here and the U.K. press release here.

Aug
26
2015

TRUSTe Hosted Reception for APEC’s Data Privacy Subgroup

fort bonifacio skyscrapers manila

CebuEvent8

On August 26th, TRUSTe hosted a welcome reception for the Asia Pacific Economic Cooperation’s (APEC) Data Privacy Subgroup (DPS) at the Marco Polo Hotel in Cebu, Philippines.

The semi-annual meeting of the DPS is taking place on the margins of APEC’s Third Senior Officials meeting during the Philippines APEC host year. APEC is a regional economic forum established in 1989 to leverage the growing interdependence of the Asia-Pacific region. APEC’s DPS developed the Cross Border Privacy Rules (CBPR) system in 2006 to build consumer, business and regulator trust in cross border flows of personal information.

To date, TRUSTe is the only recognized Accountability Agent to certify organizations as compliant with this standard. For further information visit http://www.truste.com.

Read the rest of this entry »

Aug
21
2015

Privacy Meetup Event: ‘Breach Considerations, Communication Best Practices’

PrivacyInnovationBreachMeetup

PrivacyInnovationBreachMeetup

Join the Privacy Innovation & Technology Group on August 25th from 6-8 p.m. at the TRUSTe US offices, located at 835 Market Street, Suite 800 San Francisco.

The title of this event is “The New Normal: Breach Considerations & Communication Best Practices.” You can register for the event through Meetup.com.

The guest speaker is Sofia Mata-Leclerc, Director of Brunswick Group. She advises clients on a range of corporate reputation issues, specializing in corporate positioning, profile-raising and crisis communications. Read more about Sofia by visiting the Privacy Innovation & Technology’s Meetup page.

The schedule for the event is as follows:

6-6:30 p.m. – Kick back and make nice with privacy professionals
6:30-7:30 p.m. – Communicating in “The New Normal”: Breach Considerations & Consideration Best Practices
7:30-8 p.m. – Continued networking

If you’d like to join this Meetup group to be alerted of future events, click here to be taken to the group’s Meetup page.

 

Aug
19
2015

Meet the Leading Players in the Privacy Ecosystem: Gabe Totino, President & CTO, AssertID

gabe_blog

gabe_blog

Over a hundred organizations are responsible for shaping the future of data privacy. In this new series we’ll profile some of the organizations that are helping to shape the massive privacy ecosystem through the eyes of the professionals that work there and learn more about their perspectives on privacy. 

What is your organization’s role in the privacy ecosystem?

AssertID provides a web-based self-serve consent platform for consumers, educators and businesses. The platform coordinates the consent process ensuring compliance with regulations such as COPPA and FERPA. It promotes transparency between the parties and encourages the use of best-practices so that businesses can act responsibly and consumers can have a degree of control in their online privacy.

 

What key goals/issues is your organization focused on tackling?

Consumers need to trust that their privacy is not being undermined when online. Businesses need to know that they can get access to information that is integral to providing their service. Our goal at AssertID is to create an effective communication & control channel between the consumer and the provider so that the consumer becomes engaged in privacy matters, and the provider has an opportunity to earn the consumer’s trust and business. We are currently concentrating on facilitating compliance with the COPPA and FERPA laws and engaging parents and educators with the goal of protecting children’s online privacy. This provides us with a good starting point to raise awareness about online privacy and get consumers to become more involved in protecting their privacy while online.

 

How have your organization’s goals/focus changed over the years to address evolving technologies or challenges?

Our focus has not changed considerably over the years. The goal remains the same – to be a catalyst in a movement where businesses become more responsible and open about their practices and consumers become more savvy about their privacy. To that end, we continue to keep abreast of new challenges that businesses face with compliance and continuously evolve the platform to remove any roadblocks they might present.

Read the rest of this entry »

Aug
18
2015

Popular Webinar Tackles How Privacy Practices Can Help Prepare for a Data Breach

Education concept: Knowledge Transfer on keyboard background

The most recent webinar in TRUSTe’s Privacy Insight Series drew a phenomenal response. Clearly, there’s a ton of interest in how good privacy practices can help manage (sometimes inevitable) data breaches.

The webinar titled, “How Good Privacy Practices Can Help Prepare for a Data Breach” is the first webinar in our Fall/Winter Privacy Insight Series. Speakers included Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute; Joanne Furstch, Director of Product Policy at TRUSTe; and Mary Westberg, Sr. Compliance Paralegal at SanDisk. Each presenter brought their own set of expertise to the discussion.

Webinar1

If you follow our blog and receive the TRUSTe newsletter, you’re probably well aware of our Privacy Insight Series. The Series consists of webinars with top privacy experts who discuss the major privacy issues of today.

Watch this 2-minute video to get an idea of this webinar’s content.

Click here to view the full webinar. To register for future webinars visit truste.com/insightseries.

Aug
18
2015

13 Companies Settle with FTC for False US-EU & US-Swiss Safe Harbor Claims

FederalTradeCommission

FederalTradeCommission

Thirteen companies settled with the FTC yesterday for falsely claiming they were certified and in compliance with the US-EU or US- Swiss Safe Harbor Framework.

Compliance with the US-EU and US-Swiss Safe Harbor Frameworks means companies follow established requirements for meeting adequacy standards to transfer customer or employee data from the European Union or Switzerland to the United States. To be in compliance, companies must self-certify with the Department of Commerce and are required to show compliance with the seven privacy principles. These principles are notice, choice, onward transfer, security, data integrity, access and enforcement. This self-certification needs to be renewed annually.

Of the 13 companies that settled, seven were previously in compliance with the US-EU and US-Swiss Safe Harbor Frameworks but failed to renew their self-certification.

The FTC has demonstrated that it monitors and cracks-down on violations of US-EU and US-Swiss Safe Harbor Frameworks. Prior to yesterday’s announcement, the FTC has settled with more than two-dozen companies allegedly making false claims regarding Safe Harbor compliance.

This news underscores the importance of maintaining US-EU and US-Swiss Safe Harbor compliance. TRUSTe can help companies to conduct gap assessments, remediate practices to stay compliant, and prepare for Safe Harbor self-certification. To find out more, click here.

 

 

 

Aug
12
2015

Meet the Leading Players in the Privacy Ecosystem: Daniel J. Solove, Founder, TeachPrivacy

daniel_blog

Over a hundred organizations are responsible for shaping the future of data privacy. In this new series we’ll profile some of the organizations that are helping to shape the massive privacy ecosystem through the eyes of the professionals that work there and learn more about their perspectives on privacy.

What is your organization’s role in the privacy ecosystem?

TeachPrivacy provides computer-based privacy training and information security awareness training to organizations in a wide array of industries. TeachPrivacy has FERPA training for schools, HIPAA training for healthcare providers and business associates, PCI training for merchants and others handling payment card data, and much more.

What key goals/issues is your organization focused on tackling?

Our goal is to provide training that really makes a difference. Training is one of the most important things an organization can do to mitigate the risk of having a data breach or a privacy incident. I founded TeachPrivacy because I thought that there was a better way to train employees about these issues – to really educate them, to show them why they should care.

My goal is to apply good teaching techniques to training. I learned a lot in teaching as a professor and in speaking to audiences of all types. I aim to create training that is engaging, concrete, vivid, and memorable.

How have your organization’s goals/focus changed over the years to address evolving technologies or challenges?

Our goals have remained stable – we are an education company. Our primary goal is to help organizations educate their workforce about privacy and data security. We want to make the best training we can create.
In the training I develop, I strive to use the techniques that work the best – using stories, interactivity, vivid imagery, varied styles and approaches, immersive experiences, activities, genuine passion, and memorable explanations. There is a timeless quality to these techniques. They have worked for thousands of years.

Looking ahead – what are the most important data privacy issues/concerns you think need to be addressed by the industry and/or government legislation?

It would take many books to answer this question. But one overarching point that I think is essential: The best legislation includes governance provisions – it requires a privacy and security officer, privacy and security programs, routine risk assessments, training, policies and procedures, etc. And there must be good enforcement. Laws without such provisions are often poorly followed.

Read the rest of this entry »

Aug
12
2015

Fall/Winter Lineup of Privacy Insight Series to Help Companies Address Timely Data Privacy Topics

PIS_linkedin

PIS_linkedin

With data privacy increasingly in the public eye, businesses have a strong incentive to get their privacy programs in order. However, privacy professionals are currently struggling to stay on top of the complicated and constantly evolving privacy landscape.

TRUSTe today announced the fall/winter lineup of the Privacy Insight Series, a set of six live webinars featuring renowned privacy speakers and the newest research and insights into key trends impacting data privacy management in 2015. The new schedule of events will build upon the early success of the series, which debuted in January 2015 with 12 live events. The fall/winter schedule will feature the following live webinars:

  • August 13: How Good Privacy Practices Can Help Prepare for a Data Breach
  • September 16: What Does the Proposed EU Regulation Mean for Businesses?
  • September 24: Building an Effective Privacy Program – Six Practical Steps
  • October 15: Five Top Things the CISO Needs to Know about Data Privacy
  • November 12: Practical Vendor Management to Minimize Privacy Compliance Risks
  • December 9: Future of US-EU Safe Harbor – Solutions for Cross-Border Data Transfers

The series kicks off tomorrow with the webinar “How Good Privacy Practices Can Help Prepare for a Data Breach” with speakers Larry Ponemon, Chairman & Founder, Ponemon Institute, Joanne Furtsch, Director of Product Policy, TRUSTe, and Mary Westberg, Senior Compliance Paralegal, SanDisk Corporation.

To register for any of the webinars in the series, visit www.truste.com/insightseries.

Older posts «