866.936.7447    231.932.0411
Traverse Legal: Attorneys and Advisors - Global Representation of Business InterestsOur attorneys have represented, handled matters and litigated cases against companies located across the globe
Internet LawIntellectual PropertyDomain DisputesCorporate ServicesComplex LitigationHome | About Us | Contact 

« RSS Feeds: Does posting third-party sydicated content as an RSS feed on my web site create liability? | Main | Cybersquatting, Fraud & Counterfeit Brands Continue to Proliferate on the Web »

May 07, 2008

Safe Harbor Certification: More Than Just a Privacy Policy

If your company collects personally identifiable information from Internet users via a website, you should have a privacy policy.  However, simply copying and pasting the numerous privacy policies that exist today may not be enough to protect your business.  In fact, if your business has not implemented the proper privacy protections, you may face liability, especially when dealing with individuals and business located outside the United States.

As such, the best way to ensure adequate privacy policy terms and conditions is to become certified with the Safe Harbor.  The Safe Harbor is a way for companies located in the United States to avoid interruptions in their business dealings with the European Union countries and to avoid having to face prosecution by European authorities under European privacy laws.  Being Safe Harbor certified will assure that EU organizations know that your company provides "adequate" privacy protection.

Benefits of the Safe Harbor certification include:

  • All 27 Member States of the European Union will be bound by the European Commission’s finding of adequacy
  • Companies participating in the safe harbor will be deemed adequate and data flows to those companies will continue;
  • Member State requirements for prior approval of data transfers either will be waived or approval will be automatically granted; and
  • Claims brought by European citizens against U.S. companies will be heard in the U.S. subject to limited exceptions.

In order to become Safe Harbor certified, an organization must draft a privacy policy that incorporates all of the Safe Harbor Principles (Notice, Choice, Onward Transfer, Access, Security, Data Integrity, Enforcement).  The privacy policy must also note that the organization adheres to the Safe Harbor.  With a properly drafted privacy policy in place, an organization must publicly declare its willingness to adhere to the Safe Harbor by self-certifying annually with the Department of Commerce.  If approved, the organization, along with the necessary filings, will be included in the Safe Harbor List.

We can draft a Safe Harbor compliant privacy policy, advise you as to the best ways to implement the privacy policy including dispute resolution, draft and file the certification form, and handle yearly reaffirmations to ensure your organization remains Safe Harbor certified.  Therefore, if your organization does business online, you should contact us today.

Posted at 08:50 AM in Customer and Data Privacy Policies |

Comments

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Subscribe to this blog's feed

Categories

Recent Posts

Recent Comments


Global Representation of Business Interests

Practice Spotlights

Internet:
Web Law and Information Technology Update

Trademark:
Global Registration, Monitoring & Protection

Patent Attorneys:
Patent Litigation & Infringement

Piracy:
Pursuing Cybersquatters Under the UDRP & ACPA

Monetization:
Defending Generic Domain Portfolios

New Media:
Copyright, DMCA & On-Line Content Protection

E-Commerce:
Contracts, Licensing, Policies & Deal Making

Trade Secrets:
Non-Competes, Trade Secrets & Market Position

Governance:
Director, Manager & Fiduciary Liability.

General Counsel:
Outsourced GC Services.

Archives

More...

Domain Name Dispute Resources

Traverse Legal, PLC | 810 Cottageview Dr., G20, Traverse City, MI, 49684
(West Coast Office) 16830 Ventura Boulevard Suite 358, Los Angeles (Encino), CA 91436-1707
Maryland Office: 22776 Three Notch Rd. ,Suite 201, Lexington Park, MD.
231-932-0411 (phone) | 866-936-7447 (toll free) | 231-932-0636 (fax)
Practice Areas: Internet Law | Intellectual Property | Domain Disputes | Corporate Services | Complex Litigation
Site Map | Disclaimer | Advertising Notice | Terms of Use | Copyright | Privacy Policy | About | Contact Us | Home
© 2008 Traverse Legal, PLC. All rights reserved.
Other Web Sites: Washington DC Metro Crash: We are representing Metro crash victims in cases arising in Virginia, Washington DC and Marlyland from our Maryland Office: 22776 Three Notch Rd. ,Suite 201, Lexington Park, MD
web site design by nielsen design group | architecture and implementation by leelanau.com