Privacy Advisor

Privacy News

September 1, 2007

UK Information Commissioner Launches New Data Protection Strategy
The Information Commissioner's Office (ICO) is launching a consultation on its new Data Protection Strategy, which sets out how the ICO intends to achieve its task of minimizing data protection risk. The strategy is concerned with maximizing the ICO's long-term effectiveness in bringing about good practice. It explains how the ICO will focus its data protection resources where there is the greatest risk of harm through improper use of personal information.

Organizations processing people's personal details must comply with the Principles of the Data Protection Act. Failure to comply with the act means there is a greater risk that individuals' personal information is not held securely, is inaccurate or out of date. The ICO will focus its attention on situations where there is a real likelihood of serious harm. This could be harm caused to individuals or to society as a whole. This risk-based approach is in line with good regulatory practice.

According to David Smith, Deputy Commissioner, "Building public confidence in data protection is key in our approach. We protect people not just information. Public confidence depends on us taking a practical, down to earth approach — simplifying and making it easier for the majority of organizations who seek to handle personal information well, but making it tougher for the minority who do not."

10 Companies Win Contracts to Encrypt U.S. Government Data
The Office of Management and Budget, U.S. Department of Defense (DoD) and U.S. General Services Administration (GSA) recently awarded 10 contracts for blanket purchase agreements (BPA) to protect sensitive, unclassified data (called Data at Rest [DAR]) residing on government laptops, other mobile computing devices and removable storage media devices. These BPAs could result in contract values exceeding $79 million, according to the GSA.

Awardees are MTM Technologies Inc., Rocky Mountain Ram LLC, Carahsoft Technology Corp., Spectrum Systems Inc., SafeNet Inc., Hi Tech Services Inc., Autonomic Resources LLC, GovBuys Inc., Intelligent Decisions Inc. and Merlin International.

Additional information will be available at www.esi.mil and www.gsa.gov/smartbuy.

Vericept Demonstrates Commitment to Privacy and Compliance Through IAPP Certification Initiative
IAPP Silver Corporate member, Vericept, a leader in Data Loss Prevention solutions, recently sponsored a special company-wide CIPP certification initiative in which more than 30 Vericept employees in the areas of sales and technical support earned their Certified Information Privacy Professional (CIPP) credential.

To demonstrate its commitment to the profession and the value of CIPP certification, Vericept took a first-of-its-kind step in meeting all of the necessary requirements for preparing and sitting for the exam including engaging IAPP Executive Director J. Trevor Hughes to provide training Webinars for employees to help them prepare for the CIPP exam.

"With more than 30 employees designated as CIPPs, Vericept has made a strong commitment to CIPP certification in a single effort," said Hughes. "This initiative clearly demonstrates Vericept's ability to recognize the importance and value in understanding privacy requirements when assisting organizations looking to deploy a Data Loss Prevention solution and we applaud them for their efforts. We hope other companies will follow Vericept's leadership in recognizing the value the CIPP brings to an organization's commitment to privacy protection."

Vericept employees in the company's Denver, Colo. and Waltham, Mass. locations took the CIPP exam in early August. "CIPP certification sets the bar for demonstrating a comprehensive understanding of privacy and compliance implications for our clients," said Bob Sullebarger, Vericept's Vice President of Marketing and Product Management. "By requiring our employees to earn a CIPP designation, it underscores our commitment to fostering the responsible use of sensitive data."

Privacy Pro Receives Accolades for Facebook's Privacy Features
Chris Kelly, CIPP, a long-time IAPP member, was recently featured in a New Zealand Herald news story highlighting Facebook's efforts to protect users' privacy. Kelly, Chief Privacy Officer for the social networking site, said in the article that users don't expect total privacy, but rather want greater control over who sees their personal information. "Privacy, as anonymity, is declining, but privacy, as control, is on the rise," he said.

Facebook's success depends on striking the right balance between privacy and openness, according to the article. Kelly told the New Zealand Herald, "We have tried to take a very control-based approach for our users, so Facebook information doesn't leak out on the web in general."

Read the complete article at www.nzherald.co.nz/section/6/story.cfm?c_id=6&objectid=10451811.

IAPP Member Charlene Brownlee Coauthors Privacy Law
Research and Markets, an international market research and market data firm, has announced the addition of Privacy Law to its offerings. Written by IAPP member Charlene Brownlee, Partner, Davis Wright Tremaine LLP, and Blaze D. Waleski, Special Counsel with Sullivan and Cromwell LLP, the book covers current law and emerging issues in-depth, offering essential guidance on the privacy policies and practices organizations need to adopt to ensure compliance and the duty to notify employees and customers in the event of privacy breaches.

Beginning with the constitutional foundation of privacy rights, Privacy Law examines the impact of the laws, industry standards and consumer expectations regarding personal information and privacy in a variety of contexts, including: healthcare, financial institutions, the workplace, international business, e-commerce and corporate transactions.

More information is available at www.researchandmarkets.com/reports/c62687.