A new privacy program, announced Wednesday by independent privacy watchdog TRUSTe, will make it easier for U.S. e-commerce companies to comply with European Union privacy laws.
The TRUSTe announcement came the same day that a safe harbor agreement reached several months ago between the U.S. and the 15-nation European Union took effect. That agreement requires U.S. firms that handle personal data from citizens of the EU to adhere to specific privacy rules.
By joining the TRUSTe EU Safe Harbor Privacy Seal program, U.S. companies can fulfill many of the self-certification requirements needed to show the U.S. Department of Commerce that they are in compliance with the safe harbor agreement.
“Our EU Safe Harbor Privacy program will help streamline adherence to existing laws and provide companies and their customers an instrument for global privacy protection and dispute resolution,” said TRUSTe president and chief executive officer Bob Lewin.
In Whom Do We TRUSTe
The key to TRUSTe’s new program is that it protects companies from the interference of EU-issued court orders with U.S. companies. This potential jurisdictional quagmire is a bugaboo of the safe harbor arrangement that came into effect Wednesday.
TRUSTe offers Web site privacy certification and oversight as well as an alternative dispute resolution mechanism. The privacy program will include enforcement of TRUSTe privacy policies through quarterly site monitoring.
In order to receive TRUSTe’s seal of approval, companies must provide TRUSTe with regular access to information on their data use and data security. Participation in the program is voluntary.
“With the TRUSTe Privacy Seal program, there can be little doubt of the success U.S. companies will enjoy in doing business with Europe,” said Robert S. LaRussa, U.S. Under Secretary of Commerce for International Trade.
Give Me Shelter
TRUSTe’s new initiative further addresses the EU’s comprehensive privacy legislation, the Directive on Data Protection, which became effective on October 25, 1998. That directive prohibited the transfer of personal data to any non-EU country that does not meet EU standards for adequate privacy protection.
The safe harbor arrangement that became effective Wednesday was the result of more than two years of discussions between the two sides concerning how to deal with the sweeping EU privacy rule.
Without the safe harbor arrangement, disputes adversely affecting U.S.-EU trade could have resulted. Through an exchange of documents, the safe harbor agreement enables the EU to certify that participating U.S. companies meet the EU requirements for adequate privacy protection.
“The privacy accord and safe harbor agreement is proof positive that self-regulatory mechanisms which enforce policies and resolve disputes are essential components to bridging different jurisdictional approaches to privacy,” Lewin stated.
TRUSTe is an independent, non-profit privacy organization. Nearly 2,000 company Web sites have been certified by TRUSTe since it was founded in 1997.