The basic building blocks of this framework are:
- Scope: The framework applies to all commercial entities that collect or use consumer data that can be reasonably linked to a specific consumer, computer, or other device.
Note: This is not limited only those who collect PII data, if you collect any information about a consumer then this applies to you. However commission is seeking input on how to determine
�reasonably linked to a specific consumer�� - Privacy by Design: Companies should promote consumer privacy throughout their organizations and at every stage of the development of their products and services.
- Companies should incorporate substantive privacy protections into their
practices, such as data security, reasonable collection limits, sound
retention practices, and data accuracy. - Companies should maintain comprehensive data management procedures
throughout the life cycle of their products and services.
Note: You might need to assign a person to oversee that privacy of data is built into your products/services/process etc. Think, �Chief Privacy officer�.- Ensure physical data protection
- Do not collect what is not required
- Do not retain data for longer than it is required
- Ensure accuracy of the data so that you do not harm someone because of the inaccurate data
- Companies should incorporate substantive privacy protections into their
- Simplified Choice: Consumers face considerable burdens in understanding lengthy privacy policies and effectively exercising any available choices based on those policies. Under proposed framework, companies should simplify consumer choice.
- Companies do not need to provide choice before collecting and using consumers� data for commonly accepted practices, such as product fulfillment.
This also includes tracking for improving the sites (Web Analytics), fraud protections, legal compliance and first party marketing. - For practices requiring choice, companies should offer the choice at a time and in a context in which the consumer is making a decision about his or her data.
- Companies do not need to provide choice before collecting and using consumers� data for commonly accepted practices, such as product fulfillment.
- Greater Transparency: Companies should increase the transparency of their data practices.
- Privacy notices should be clearer, shorter, and more standardized, to enable better comprehension and comparison of privacy practices.
- Companies should provide consumers with reasonable access to data about themselves; the extent of access should depend on the sensitivity of the data and the nature of its use.
- Companies must provide prominent disclosures and obtain affirmative express consent before using consumer data in a materially different manner than claimed when the data was collected.
- All stakeholders should work to educate consumers about commercial data privacy practices.
Read my other articles on Privacy
----------------------------------------------------------------------------------------------------
Open Web Analytics and Online Marketing Jobs
0 comments:
Post a Comment