Multinational Marketers Fail to Meet Safe Harbor Privacy Standards

Share this content:
At least 75 U.S. companies that do business overseas are missing the mark on data privacy under the "safe harbor" principles, according to a study released last week by business consultancy Andersen.


These lapses could have serious implications if the Federal Trade Commission, the policing agent in the United States for safe harbor, begins evaluating international marketers' data practices.


In the study, Andersen looked at 75 Fortune 500 and midsize U.S. firms in the financial services, retail, technology, telecommunications/media/entertainment and travel/leisure industries. It checked each company's data practices against the six principles of the European Union-U.S. safe harbor agreement, which took effect in November.


Under the European Union's data privacy directive, personal information may not be transferred to countries without "adequate" privacy protection. Because the United States does not have a privacy law, the European Union saw the need to implement rules that must be followed by U.S. businesses to protect European data from misuse. As a result, six principles were drafted to ensure the safety of personal information.


The principles -- as negotiated by the European Commission and the U.S. Department of Commerce -- are: notice of what information is collected and how it is used; choice to opt out of third-party data sharing; security precautions to safeguard data; data integrity processes for the collection of relevant data only for specified use; access to information and the ability to correct or delete it; and enforcement of privacy protection and consequences for lapses.


According to the study results, none of the firms studied met all six of the principles; two were found to be in compliance with five; and eight were in compliance with only one of the six.


Enforcement was a problematic area for most of the Web sites examined, with just 5 percent offering assurance of compliance and consequences for noncompliance.


Among other findings, adequate notice of what information was collected was given on 25 percent of the 75 sites; 34 percent addressed access to data; 46 percent offered adequate security; 74 percent addressed data integrity; and 80 percent provided choice.


close

Next Article in Data/Analytics

Sign up to our newsletters

Company of the Week

Brightcove is the world's leading video platform. The most innovative and respected brands confidently rely on Brightcove to solve their most demanding communication challenges because of the unmatched performance and flexibility of our platform, our global scale and reliability, and our award-winning service. With thousands of customers and an industry-leading suite of cloud video products, Brightcove enables customers to drive compelling business results.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above