Baker Hostetler Cincinnati attorney Craig A. Hoffman authored an article titled, “Self-Regulating Online Privacy: Avoiding Data Breaches,” which appeared in the Cincinnati Bar Association’s CBA Report, March 2011.
In the article Hoffman says that if businesses have not yet focused on privacy and data security, they should start now. Two issues expected to draw the most attention this year are online privacy, especially behavioral advertising and data security (preventing data leaks and security breaches).
In December 2010, the Federal Trade Commission (FTC) and Department of Commerce (DOC) published separate reports outlining best practices for online privacy frameworks for businesses that collect, use and share consumer data. The FTC recommends that businesses simplify choices for consumers, follow the Fair Information Practice Principles, create a “Do Not Track” mechanism and embed privacy in the development stage of new products. The DOC recommends a framework that would enhance consumer trust through revitalized Fair Information Practice Principles, creation of a Privacy Policy office within the DOC, encourage global interoperability and ensure nationally consistent security breach notification rules.
According to Hoffman, the component of the FTC and DOC proposals drawing the most attention is the Do Not Track mechanism because even if you have carefully configured the privacy settings on your web browser, most of your internet activities are still recorded by third parties using online tracking mechanisms.
The risk of a company’s sensitive data being leaked and becoming front page news is not just a concern for companies with embarrassing events in their past—the risk applies to any company with sensitive competitive data and trade secrets.
It is critical that companies understand what data they have, where it is stored, how it is used, how it is secured, how it is shared and how it is disposed of when no longer needed.
VIEW FULL ARTICLE