Department of Commerce Releases New Proposal for Data Privacy Protection

Share this content:
The U.S. Department of Commerce late yesterday released new documents developed to provide clear guidance to U.S. organizations seeking to comply with the European Union's Directive on Data Protection in electronic commerce.

The new documents are based on the results of a series of meetings that took place with David L. Aaron, UnderSecretary of Commerce for International Trade, and John Mogg, his EU counterpart.

The discussions were prompted by the EU's directive, issued last year, which requires EU member countries to enact laws prohibiting the transfer of personal data to non-member states that fail to ensure what the EU deems to be an "adequate" level of privacy protection. The United States has favored industry-led, market driven privacy protection principles to ensure consumer trust in electronic commerce.

The newly released documents include the revised safe harbor principles, as well as "frequently asked questions and answers" on access and a draft of the European Union's document on complaint procedures. Within a week, the Department will issue additional FAQs addressing certain sectoral concerns, other procedural issues, and several clarifications requested by interested U.S. organizations.

The Commerce Department's new draft proposal will provide the basis for the next round of discussions between the two sides on the privacy issue. The public is invited to comment on both sets of documents, which will also be provided to the EU Member States for review. The deadline for comments is May 10, 1999.

"We have achieved a substantial level of consensus on both the content of the privacy principles themselves, and on the practices and procedures that will govern transatlantic data transfers," said Aaron, in a statement.

An earlier version of the safe harbor principles was published in November 1998, and since then last fall, when the European Union's Directive on Data Protection became effective, the Commerce Department has been working to develop clear and predictable guidance for U.S. organizations that would enable them to comply with the directive and avoid data flow disruptions.

"Since then, we have received extensive comments and held lengthy discussions with interested parties," Aaron said. "Access to and onward transfer of data have been particular concerns. We have also received many questions about how the broad safe harbor principles would be applied in specific cases. These latest documents address many of these concerns."

The Department and the Commission have also agreed on the key benefits for safe harbor participants. They include:

*All 15 Member States (MS) will bound by US/EC understanding;

*The understanding will create the presumption that companies within the safe harbor provide adequate data protection (rather than the opposite) and data flows to those companies will continue;

* Claims against U.S. organizations will for the most part be limited to claims of non-compliance with the principles. European consumers will be expected to exhaust their recourse with the U.S. organization first, and due process will be assured for U.S. organizations that are subject to complaints;

* Generally, only the European Commission, acting with a committee of Member State representatives (the Article 31 Committee) will be able to interrupt personal data flows from an EU country to a U.S organization;

* U.S. companies will have a grace period to implement safe harbor policies.

In the next few weeks, Under Secretary Aaron will continue to meet wit interested parties and will conduct another round of talks with Mogg late this month. The Department hopes to finalize the texts in May and reach a final conclusion on the safe harbor by the U.S.-EU Summit, scheduled for June 21.

Next Article in Marketing Strategy

Sign up to our newsletters

Company of the Week

Since 1985, Melissa has helped thousands of companies clean, correct and complete contact data to better target and communicate with their customers. We offer a full spectrum of data quality solutions, including global address, phone, email, and name validation, identify verification - available for batch or real-time processes, in the Cloud or on-premise. Our service bureau provides dedupe, email/phone append and geographic/demographic append services for better targeting and insight. For direct mailers, Melissa offers easy-to-use address management/postal software, list hygiene services and 100s of specialty mailing lists - all with competitive pricing and excellent customer service.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above