Posted by Chenxi Wang on September 21, 2011
The security group at Forrester has been handling a steady stream of client inquiries regarding EU data privacy laws, from both EU and North America clients. While there are many good legal sources out there, we thought it'd be a good idea to compile a list of common Q&A questions about EU privacy laws into a report, to serve as a definitive information source for Forrester clients.
The report, titled: “Q&A: EU Privacy Regulations,” is now live on Forrester's website. It is not our intention, by writing this report, to give legal advice. Rather, we envisioned this report to be a repository of the most important information regarding EU privacy laws, updated every 18 months or so. The report has a wealth of information, including links to actual information sources – be that EU's data protection directive web site or interesting studies/analysis done by external parties. For example, one noteworthy study on US Safe Harbor is by Chris Connelly from Galexia consulting. He looked at 2,170 US companies that claimed to be Safe Harbor compliant. Out of these, 940 do not provide information on how to enforce individuals' rights; 388 were not even registered with the US Department of Commerce.
The report also contained information on Model Clauses and Binding Corporate Rules, for which we are beginning to see increased interest. We also discussed new and pending privacy laws in the report, including the EU “cookies” directive and EU's view on geo-location privacy.
We'd love to hear your thoughts on the report, or whether there is anything else that you'd like us to include in a future revision of the report.
In addition, Eve Maler, Chris Sherman, Eric Chi, and I are working on a brand new privacy regulation project – we are analyzing privacy regulations around the world and are in the process of compiling our findings into a privacy heatmap. Soon, you will see this heatmap on the security content site – hopefully on Forrester's site as well. It will be an interactive heatmap, where you can click on a country and find out the essential information about the country's privacy laws and regulations. We can't wait to unveil the result of the project. Stay tuned!