 |
||||
 | |
| ||
|
||||
| ||||
|
|
||||
RESEARCH CENTERS
Applications
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.
Storage
WAN Services
Web/e-commerce
Wireless/Mobile
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.
Storage
WAN Services
Web/e-commerce
Wireless/Mobile
SITE RESOURCES
Daily News
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings
TODAY'S NEWS
/
Security concerns prompt Safe Harbor site changes
 
|
|||
 | |||
|
Security concerns prompted a U.S. government agency to remove two features from its Web site designed to aid the flow of personal information and commerce between the U.S. and the European Union, according to a notice posted on the site.
A self-certification form and the "Safe Harbor list" were removed last Thursday from Safe Harbor, a Web site operated by the Department of Commerce, "in order to review the security of the information submitted to the Department by U.S. organizations," according to a posting on the site. Though the data in question was removed from the site when security questions were raised, "we haven't found any compromised data," said a Department of Commerce official. Sensitive information that could potentially have been exposed includes sales levels and numbers of employees of member companies, said the official, adding that it's not clear yet whether that information did in fact become available. Seventy-two companies are involved in the Safe Harbor program including Microsoft, Intel and Hewlett-Packard. Despite sections of the Web site being offline, Safe Harbor is "still taking plenty of inquiries each day" via fax, the official said. The Safe Harbor site was established to help smooth over differences in the way the E.U. and the U.S. regulate online privacy and to aid in cross-border commerce. In 1998, the E.U. passed the Directive on Data Protection, which prohibits the transfer of personal information to non-European nations who don't meet with standards set out in the directive. In order to ensure continued flow of information, the U.S. created a "safe harbor" system -- implemented in the Safe Harbor Web site -- for U.S. companies doing business in Europe. When agreeing to become a Safe Harbor member, a company pledges to make the information it has gathered about individuals accessible, changeable and secure. Companies must also notify users that information is being collected and why, give them the opportunity to opt out and may only pass the information on to other Safe Harbor or Directive on Data Protection-compliant bodies. The two removed features are expected to be reintroduced soon, "hopefully by tomorrow," the Department of Commerce official said. "We're not going to fast-track this," the official said. "We're going to look at this very carefully."The IDG News Service is a Network World affiliate.
Related Links
 |
 |
 |
|||||
|
|
|
|
|
|||