Adequacy in the EU Data Protection Directive

This article takes a look at the European Commission’s Directive on Data Protection (95/46/EC), and the establishment of the adequacy requirement, which prevents Member States from transferring data to a third country, unless the third country ensures an adequate level of protection. The Directive also explores certain related concepts, including the Working Party and data/information embargoes. Finally, the article takes a look at the US data protection approach and its ability to meet the EC’s adequacy standard. [...]

Share
September 27th, 2011 | Tags: , , , , | Category: Privacy | Leave a comment

Consumer Authentication in Canada

Electronic authentication is common in this information-driven society, as daily transactions through electronic services and the Internet require remote electronic authentication. Online transactions are increasingly seamless through the connection of multiple devices which offer services to consumers that were previously unattainable. Many authentication systems collect and use the personal information of users in a way that compromises their privacy and security. Authentication systems must be designed to give consumers more control over their personal information, promoting user security and effective privacy [...]

Share
July 15th, 2010 | Tags: , , , , , , , | Category: CIPP, Compliance & Regulations | Leave a comment

CSA Model Code

In March 1996, the Canadian Standards Association (CSA) published the Model Code for the Protection of Personal Information. Canada was the first country in the world to establish a voluntary, national standard for personal information protection.

The Model Code was largely based on the Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data, created by the Organization for Economic Cooperation and Development (OECD). While the Code remains a voluntary standard, it enjoys strong support and endorsement by a variety of Canadian companies as the national standard on privacy [...]

Share
June 29th, 2010 | Tags: , , , , , , , , , | Category: CIPP | Leave a comment

Limiting Data Collection

While increasing the amount of detail and information seems enticing to the business intelligence office, security and privacy professionals must step in and put on the brakes to limit disclosure [...]

Share
October 4th, 2009 | Tags: , , , | Category: CIPP, Compliance & Regulations, Privacy | Leave a comment

Finland's Fingerprinting Fiasco? Centralized private records database accessible by police

Finland will collect all their citizens’ fingerprints, store them in a central database and include them in passport ID chips. Singapore’s been doing this for several years, and the parallels and privacy implications are deeper than [...]

Share
February 5th, 2009 | Tags: , , , , , , , , , , , | Category: CIPP, Privacy | Leave a comment