Protecting Customer Privacy
By Friedman, Rachel
Privacy-it's getting tougher to maintain, as is evidenced by the,
rise of identity theft. In fact, a growing number of Americans are
making demands on corporate America to treat their personal
information with secrecy. According to a Harris Poll sponsored by
Microsoft, 60% of Americans said they've decided not to support a
store because of doubts about the store's privacy protections. What
is surprising is that it isn't just marketers who are trying to
access personal information. The government has drafted private
industry for "data collection duty" in the war on terror.
So how can businesses keep customers* personal information under
wraps when the USA PATRIOT Act allows the government to collect this
sort of information? Jacqueline Klosek, an attorney and author of the
new book The War on Privacy advises clients on issues related to data
privacy and security. As a certified information privacy
professional, Klosek believes private industry faces a precarious
balance, trying to simultaneously maintain consumer privacy while
also complying with governmental demands for information.
"This issue is not going to just disappear," says Klosek. "The war on
terror has reduced privacy rights in the United States and around the
world. The bottom line is whether the feds are leaning on your
company for records or you've suffered a security breach by hackers,
your reputation is at stake and you've lost your customers' trust."
Klosek is a senior counsel in the business law department of Goodwin
Procter LLP, where she practices in the intellectual property
practice area. She is also the author of two other books: The Legal
Guide to e-Business and Data Privacy in the Information Age. As a
certified information privacy professional,
advisory board for "The Privacy Advisor" of the International
Association of Privacy Professionals and is the co-chair of the
international working group of that organization. Her credentials
also include being an active member of the American Bar Association,
the International Bar Association, and the International Association
of Young Lawyers.
Klosek routinely advises businesses to follow all privacy measures
required by law. In addition to these measures, she offers her
clients the following tips:
1. Conduct an internal audit: Before you can inform your consumers
about your privacy policies and practices, you must first understand
what they are. Businesses should conduct an internal audit to
understand what data they are collecting, how they are using that
data, with whom they are sharing that data, how that data is being
protected, and related issues.
for collecting and using customer information are clarified, these
policies should be communicated to customers and clients through a
how your company can be contacted regarding information and the types
of third parties that will have access to such information. Also, be
sure to follow all laws and legal requirements in this regard.
broad as possible. This will give your company greater latitude if
you are forced by the government to hand over data or if you are
faced with other potentially unanticipated events such as corporate
restructuring, mergers, and acquisitions.
4. Plan ahead and be prepared for the inevitable: Anticipate the fact
that your company could face a government subpoena demanding your
client's personal information records. By understanding that this can
happen, you can suitably prepare your policies to set your clients'
and customers' expectations regarding the privacy of their personal
information. This may help you avoid making a strong privacy promise
to consumers that governmental demands will not allow you to keep.
5. Seek prior consent: Ifs a smart idea to obtain prior consent from
your clients or consumers about potential personal data transfers
that could be subpoenaed by the government. The same holds true for
other types of transfers, including transfers to business partners
and service providers.
6. Conduct due diligence when outsourcing: Examine the third- party
sei-vice provider's experience with privacy and data security.
Investigate any privacy complaints the service provider has faced and
make sure you're complying with all U.S. and foreign laws when
7. Protect your website: It's good practice to implement a web-
monitoring program that automatically runs privacy scans to ensure
that the site hasn't been compromised and that privacy measures
Protecting customers' privacy is becoming a more cumbersome task with
the advances in technology and the war on terror. "Ironically, the
erosion of individual privacy rights here and abroad occurs under the
guise of enhancing national security," says Klosek. "The surprising
fact is that this so-called greater protection renders private
citizens more exposed than ever before."
Rachel Friedman is a freelance writer. Send your comments about this
article to itletters@infotoday
"The answer(s)/advice(s) on this Group web-site are the personal opinions of the members who sent those messages. They may/or may not be based on research(s)/opinion(s) on the fact(s) provided to the Group in the said query, and any advice tendered here is subject to the accuracy of the description of facts, proposed transactions, and their purpose and
whether they constitute a complete and accurate disclosure of all
relevant fact(s), and provided the proposed transaction(s) is completed
in the stated manner. The Group Owner/Moderator and/or the group
member(s) do not even imply the accuracy or value of any advice
submitted by its member(s) and are not liable for any damages or costs,
if any, suffered through the acceptance or putting into operation either
the whole or part of any advice so tendered on the group-site. If you
have any question(s), please do not hesitate to seek clarification(s)
Earn your degree in as few as 2 years - Advance your career with an AS, BS, MS degree - College-Finder.net.