bionmai.blogg.se - Privacy protector note 5

The following sections briefly discuss these issues. Nevertheless, if you are responsible for the Web site, you may be asked to do some of the work, notably documenting logging activity and the use of cookies. Of course, it might not be your job to pull together this information and come up with a privacy statement - in recent years, many large organizations have been appointing chief privacy officers to oversee the creation of privacy policies for the organization and its Web sites.

The steps taken by the data collector to ensure the confidentiality, integrity, and quality of the data.

Whether the provision of the requested data is voluntary or required, and the consequences of a refusal to provide the requested information.

The nature of the data collected and the means by which it is collected, if not obvious (for example, passively, by means of electronic monitoring, or actively, by asking the consumer to provide the information).

Identification of any potential recipients of the data.

Identification of the intended use of the data.

Identification of the entity collecting the data.

Here are the main points that need to be covered: The more complex and interactive the site, the more work it will take to craft a statement that covers all the bases. For simple sites that set no cookies or receive no user input, such a statement is easy to draft. In practical terms, the primary means of providing privacy notice to Web site visitors is the privacy statement. Moreover, three of the other principles (choice/consent, access/participation, and en-forcement/redress) are only meaningful when a consumer has notice of an entity's policies, and his or her rights with respect thereto." Without notice, a consumer cannot make an informed decision as to whether and to what extent to disclose personal information. "Consumers should be given notice of an entity's information practices before any personal information is collected from them.

In the context of Web site privacy, notice means you must advise visitors to your site of your policies with respect to the personal data you process.

It might be a splash page for a Web site informing visitors that clicking to enter constitutes agreement to the terms of use. Such notice might be a banner that appears during network log-on, warning that access to the network is restricted to authorized users. Many systems, including many Web sites, put users on notice with respect to ownership, security, and terms of use. Notice is a concept that should be familiar to network professionals. In this chapter, we focus on the five core principles of privacy protection that the FTC determined were "widely accepted," namely: Notice/Awareness, Choice/Consent, Access/Participation, Integrity/Security, and Enforcement/Redress. Since its publication, this report has helped to shape the current "privacy-enforcement" role of the FTC. The result has been a series of reports, guidelines, and model codes that represent widely-accepted principles concerning fair information practices." "Over the past quarter century, government agencies in the United States, Canada, and Europe have studied the man ner in which entities collect and use personal information-their "information practices"-and the safeguards required to assure those practices are fair and provide adequate privacy protection.