The organizations on the Safe Harbor have notified the US Department of
Commerce that they adhere to the safe harbor framework developed by the
Department of Commerce in coordination with the European Commission.
The safe harbor provides guidance for U.S. organizations on how to
provide "adequate protection" for personal data from Europe as required
by the European Union's Directive on Data Protection. However, the
Department of Commerce apparently does not assess the adequacy of any
organization's privacy policy or its adherence to that policy.
If a self-regulatory or government body find that an organisation is
not complying with the requirements of the scheme, then the offending
organization is apparently no longer entitled to the benefits of the
safe harbor.
In such cases, the offender must promptly notify the Department of
Commerce of such facts either by email or letter. Failure to do so may
be actionable under the False Statements Act (18 U.S.C. 1001). That
organization must also provide the Department of Commerce with a copy of
the decision letter from the relevant self-regulatory or government
enforcement body.
The answer therefore appears to be "should do, but regulators will only
take action if they are found not to!"
Iain
Iain Harrison
Information Governance Consultant
Leicester City Council
0116 252 7606
>>> "Bremer, Sarah" <[log in to unmask]> 24/05/2007 15:06 >>>
Facebook's privacy statement dosn't mention selling of data, but it
does state that it shares annoymised information with 3rd parties for
advertising and marketing purposes.
http://www.facebook.com/policy.php
Also says that it's party to the EU safe harbour privacy agreement.
Does that mean that they have obligations under european dpa's?
Sarah Bremer
Compliance Monitoring Officer
University of Wolverhampton Business School
Telford Campus
Telford
Shropshire
TF2 9NT
Tel: (01902) 323876
This email, together with any attachment, is for the exclusive and
confidential use of the addressee(s) and may contain legally privileged
information. Any use, disclosure or reproduction without the sender's
explicit consent is unauthorised and may be unlawful.
Any e-mail including its content and any attachments may be monitored
and used by The University of Wolverhampton for reasons of security and
for monitoring internal compliance with the University's policy on
internet use. E-mail blocking software may also be used. The University
cannot guarantee that this message or any attachment is virus free or
has not been intercepted and amended.
If you believe you have received this message in error please notify
the sender by email, telephone or fax and destroy the message and any
copies.
________________________________
From: This list is for those interested in Data Protection issues on
behalf of RONAN DURNIN
Sent: Thu 24/05/2007 12:55
To: [log in to unmask]
Subject: Re: [data-protection] Selling of Facebook
information?[Scanned]
I don't know enough about EU law but certainly what you've said makes
sense.
I wonder if they are making use of any servers in the UK for the
purposes of storing/routing data? I think that if there are comms
devices being used in the UK by facebook, then DPA certainly will
apply...
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Nigel Roberts
Sent: 24 May 2007 12:53
To: [log in to unmask]
Subject: Re: [data-protection] Selling of Facebook
information?[Scanned]
A company may not be based in the the UK or EU, but if they 'market
into' the European Community, I would submit that EU law applies to
them.
Ekin Caglar wrote:
> Their domain name is registered to:
> TheFacebook, Inc
> 156 University Ave, 3rd Floor
> Palo Alto, CA 94301
> US
>
> What made you think that they are based in the UK?
>
> E
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]] On Behalf Of
[log in to unmask]
> Sent: 24 May 2007 11:29
> To: [log in to unmask]
> Subject: [data-protection] Selling of Facebook information?
>
> I have heard a rumour that Facebook, the social networking service,
> makes some of its money by selling personal information about those
> registered with it to third parties. Has anyone else heard of this
> rumour? I believe Facebook is UK based, so are they likely to be in
> breach of the DPA if they do this?
>
> Charles
>
> Professor Charles Oppenheim
> Head
> Department of Information Science
> Loughborough University
> Loughborough
> Leics LE1 3TU
>
> Tel 01509-223065
> Fax 01509 223053
> e mail [log in to unmask]
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving messages please send to the
list
> owner
> [log in to unmask]
> Full help Desk - please email [log in to unmask] describing
your
> needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.467 / Virus Database: 269.7.7/816 - Release Date:
23/05/2007
> 15:59
>
>
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.5.467 / Virus Database: 269.7.7/816 - Release Date:
23/05/2007
> 15:59
>
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at
http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving messages please send to the
list owner
> [log in to unmask]
> Full help Desk - please email [log in to unmask] describing
your needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the
list
owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing
your
needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please immediately delete it and
all copies of it from your system, destroy any hard copies of it and
notify the sender. You must not, directly or indirectly, use,
disclose,
distribute, print, or copy any part of this message if you are not the
intended recipient. The Northern Ireland Guardian ad Litem Agency
reserves the right to monitor all e-mail communications through its
networks. Recipients should also be aware that all e-mails received by
the Northern Ireland Guardian ad Litem Agency are subject to the
Freedom
of Information Act 2000 and therefore may be disclosed to a third
party.
Any views expressed in this message are those of the individual
sender,
except where the message states otherwise and the sender is authorised
to state them to be the views of any such entity.
This e-mail was scanned by Sophos anti-virus software updated on an
hourly basis.
This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please immediately delete it and
all copies of it from your system, destroy any hard copies of it and
notify the sender. You must not, directly or indirectly, use, disclose,
distribute, print, or copy any part of this message if you are not the
intended recipient. The Northern Ireland Guardian ad Litem Agency
reserves the right to monitor all e-mail communications through its
networks. Recipients should also be aware that all e-mails received by
the Northern Ireland Guardian ad Litem Agency are subject to the Freedom
of Information Act 2000 and therefore may be disclosed to a third party.
Any views expressed in this message are those of the individual sender,
except where the message states otherwise and the sender is authorised
to state them to be the views of any such entity.
This e-mail was scanned by Sophos anti-virus software updated on an
hourly basis.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the
list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your
needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the
list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your
needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|