STEPS TO PREPARE FOR TRUSTe
EU CERTIFICATION
Michelle Hines
VP of Sales, TRUSTe
Jay Cline
President, Minnesota Privacy Consultants
2
AGENDA
SAFE HARBOR
REQUIREMENTS
TRUSTE
REQUIREMENTS
WATCHDOG
DISPUTE
RESOLUTION
Comparison of EU Data-Transfer Compliance Options
WHY THE SAFE HARBOR?
• For companies with simple & stable transatlantic dataflows
FAQ 7 - Verification
Q: How do organizations provide follow up procedures for verifying that the
attestations and assertions they make about their safe harbor privacy
practices are true and those privacy practices have been implemented as
represented and in accordance with the Safe Harbor Principles?
7
http://www.export.gov/safeharbor/SH_FAQ7.asp
FAQ No 11: Dispute Resolution and Enforcement
Q: How should the dispute resolution requirements of the Enforcement
Principle be implemented, and how will an organization's persistent failure to
comply with the Principles be handled?
8
http://www.export.gov/safeharbor/FAQ11FINAL.htm
DOC SAFE HARBOR LIST
http://www.export.gov/safeharbor/sh_overview.html
9
DISPUTE RESOLUTION COMPARISON
Dispute Resolution
Option
Advantage
EU Data Protection
Authorities
• Public
• Decisions made by a DPA are
binding
TRUSTe
• Information disclosed in Watchdog
process is confidential
• Transparent, fair and equitable
Other governmental
authorities
Public
11
TRUSTe E.U. SAFE HARBOR SEAL PROGRAM
• Verisign
• Audible
• Harris Interactive
• LinkedIn
• Launched in 2001
• 145 licensees
• Millions of consumers
• Notable members:
TRUSTe CERTIFICATION PROCESS
Your organization fills out a TRUSTe contract and self-
assessment incorporating all Safe Harbor Privacy
Principles
TRUSTe conducts an initial site walkthrough and provides
a set of written recommendations in the form of a site
findings report
You implement recommendations on your Web site
TRUSTe awards you privacy seals. Display these where
you collect information to build confidence with customers
TRUSTe ensures ongoing compliance and monitoring
with MAXAMINE scanning and the TRUSTe W