Multinational Marketers Fail to Meet Safe Harbor Privacy Standards

Share this content:
At least 75 U.S. companies that do business overseas are missing the mark on data privacy under the "safe harbor" principles, according to a study released last week by business consultancy Andersen.


These lapses could have serious implications if the Federal Trade Commission, the policing agent in the United States for safe harbor, begins evaluating international marketers' data practices.


In the study, Andersen looked at 75 Fortune 500 and midsize U.S. firms in the financial services, retail, technology, telecommunications/media/entertainment and travel/leisure industries. It checked each company's data practices against the six principles of the European Union-U.S. safe harbor agreement, which took effect in November.


Under the European Union's data privacy directive, personal information may not be transferred to countries without "adequate" privacy protection. Because the United States does not have a privacy law, the European Union saw the need to implement rules that must be followed by U.S. businesses to protect European data from misuse. As a result, six principles were drafted to ensure the safety of personal information.


The principles -- as negotiated by the European Commission and the U.S. Department of Commerce -- are: notice of what information is collected and how it is used; choice to opt out of third-party data sharing; security precautions to safeguard data; data integrity processes for the collection of relevant data only for specified use; access to information and the ability to correct or delete it; and enforcement of privacy protection and consequences for lapses.


According to the study results, none of the firms studied met all six of the principles; two were found to be in compliance with five; and eight were in compliance with only one of the six.


Enforcement was a problematic area for most of the Web sites examined, with just 5 percent offering assurance of compliance and consequences for noncompliance.


Among other findings, adequate notice of what information was collected was given on 25 percent of the 75 sites; 34 percent addressed access to data; 46 percent offered adequate security; 74 percent addressed data integrity; and 80 percent provided choice.


close

Next Article in Data/Analytics

Sign up to our newsletters

Company of the Week

Since 1985, Melissa has helped thousands of companies clean, correct and complete contact data to better target and communicate with their customers. We offer a full spectrum of data quality solutions, including global address, phone, email, and name validation, identify verification - available for batch or real-time processes, in the Cloud or on-premise. Our service bureau provides dedupe, email/phone append and geographic/demographic append services for better targeting and insight. For direct mailers, Melissa offers easy-to-use address management/postal software, list hygiene services and 100s of specialty mailing lists - all with competitive pricing and excellent customer service.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here