October 24, 2006

2006 The IAPP Announces Winners Of The IAPP Privacy Innovation Awards

Royal Philips Electronics, General Electric Corp., ATB Financial and Voltage Security, Inc. Receive Privacy Awards During the IAPP Privacy Academy 2006 in Toronto  

YORK, Maine -- October 24, 2006 - The International Association of Privacy Professionals (IAPP), the largest organization of professionals in the privacy field with more than 2,800 members, today announced the winners of the IAPP Privacy Innovation Awards, an annual recognition of privacy leadership in the public, private and technology sectors. The awards were presented Oct. 19 during a special IAPP member reception at the Hockey Hall of Fame in Toronto.

More than 30 individual organizations participated in the 2006 Innovation Awards, the largest number of nominees ever in the four-year history of this distinguished awards program.

"We are delighted to recognize these organizations for their leadership in the development and delivery of privacy programs," said J. Trevor Hughes, Executive Director of the IAPP. "The depth and breadth of nominations this year is a testament to the continued growth of our field."

In the Large Organization category (more than 5,000 employees), Royal Philips Electronics and General Electric Corp. tied for their entries on Binding Corporate Rules (BCR) as a mode of compliance for cross-border data transfers.

General Electric is the first company in the world to pursue a BCR policy that assures employees that their data will be handled using the highest and best practices no matter where in the world the employee or the data is located. The GE BCR has been approved in more than a dozen countries to date - more than any other model - and is under consideration in all EU countries. This BCR model governs the company's relationship with its 350,000 employees worldwide and is available in 27 languages.

Philips publicly announced its BCR project at the International Data Protection Conference in Sydney in 2003, when it was already in an advanced drafting stage. The Philips Privacy Code is currently moving through the final approval process in 22 European countries. The unique approach taken by the Philips Privacy Code is that it combines two existing concepts of European data privacy law: the U.S./EU Safe Harbor Program and the (sectoral) Codes of Conduct. The Philips Privacy Code is a self-regulating document which, after endorsement by European Data Protection Authorities, creates a "safe haven" for personal data within the worldwide Philips group.

The winner in the Small Organization category (less than 5,000 employees), is ATB Financial, which won the award for its privacy program communications plan. Alberta, Canada-based ATB Financial is a full service financial institution that is the largest deposit-taking institution headquartered in Western Canada.

ATB Financial's innovative privacy initiative was both strategic and technological, according to the Innovation Awards judges. It crossed multiple divisions of the organization and required extensive, planning, assessment and coordination of cross-sectional business units. Rather than collect customer consent on separate forms, ATB Financial designed a system to direct customers to a single point of entry and awareness. A privacy brochure enforced by a publicly available Customer Privacy Code was also created and distributed to all existing customers to capture one, uniform consent for portfolio management. This complex and intricate effort resulted in the one of the first online opt-outs made available for customers of financial institutions in Canada.

"As an Alberta-based financial institution, ATB Financial is very pleased to be recognized by the IAPP for its innovative privacy approach," said Privacy Officer Sandra Smith-Frampton, CRM.

Now in its second year, the IAPP Privacy Innovation Technology Award goes to Voltage Security, Inc., for Voltage Identity-Based Encryptionâ„¢ technology incorporated into its data protection solutions. Voltage IBE protects information on PCs (laptops, desktops, mobile and wireless devices) and in email communications, and enables compliance with a broad range of privacy guidelines and regulations, such as PCI, HIPAA, GLBA, PIPEDA and the Data Protection Act.

Voltage IBE solutions can be used to protect the privacy of information internally within an organization, such as HR and financial information; externally with business partners, brokers and the supply chain to protect company confidential information, such as pricing and other trade secrets; as well as with customers to protect personally identifiable information, such as credit card, Social Security and drivers license data. Voltage IBE solutions are in use by more than 250 world-leading organizations, and by partners such as Integro Insurance Brokers, Spheris, XL Global Services, Winterthur Life, Microsoft, NTT Communications, Symantec, Ciphertrust, Proofpoint and Tablus.

Background On The IAPP Privacy Innovation Awards

The IAPP Privacy Innovation Awards recognize organizations that have embraced privacy both for its competitive advantage as well as its role in improving the customer experience. A panel of judges selected by the IAPP evaluated entries based on the program's structure and effectiveness. Now in its fourth year, the IAPP Privacy Innovation Awards are managed exclusively by the IAPP.