|
ICC Commission on E-Business, IT and Telecoms (EBITT)
Task Forces
Task Force on Privacy and the Protection of Personal Data
Chair - Christopher Kuner (Hunton & Williams, Belgium)
Data Protection and Privacy
In today's digital and interconnected world, businesses need to move and process information across locations and networks to serve their global customers in faster, more efficient and cost-effective ways. Members of this task force are kept up to date on data protection developments around the world that affect their businesses in areas such as international data transfer, RFID, whistleblower hotlines, and human resources data. This task force works to streamline processes and save companies money by developing standardized, practical tools.
Tools for Business
Policy Statements
Other topics
- French Data Protection Authority (CNIL) guidelines on anonymous hotlines – ICC input in English and in French
- Data Protection Issues related to RFID technology – EU Article 29 Working Party
In response to the European Commission public consultation on the Working Document on data protection issues related to RFID technology, the Task Force on Privacy and Protection of Personal Data drafted a joint response from ICC, the European Information, Communications and Consumer Electronics Technology Industry Association (EICTA), International Communications Round Table (ICRT), and the Japan Business Council in Europe (JBCE).
Joint response by ICC, EICTA, ICRT and JBCE
EU Standard Contractual Clauses for the Transfer of Personal Data
In a move to standardize and speed up transfers of international data worldwide, ICC, in conjunction with other business organizations, has worked with the European Commission to establish standard contractual clauses for international transfers of data. On 27 December 2004, the European Commission approved standard contractual clauses for the transfer of personal data from EU to non-EU countries proposed by seven international business associations, judging them as offering an “adequate level of data protection" under the EU's strict data protection laws. The most recent proposal by business covers flows of personal data from the EU to non-EU countries between data controllers and data processors.
Related documents:
Return to top
Binding Corporate Rules for the Transfer of Personal Data outside EU
The EU Data Protection Directive 95/46/EC allows personal data to be transferred outside the EU only when the transfer provides an “adequate level of protection” for the data. Binding corporate rules (BCRs) – corporate codes which contain measures to ensure data protection in transfers from one country within the EU to a country outside it – are one of the ways in which such an “adequate level of protection” may be demonstrated. Until ICC introduced its standard application, companies had to submit different application forms to each EU member state when asking data protection authorities to approve their BCRs. ICC’s initiative to help businesses demonstrate their compliance and standardize the process for transferring data internationally from any EU country is now the foundation of the form adopted by all European data protection authorities.
Related documents:
Available in English, French and Arabic. The Arabic translation was provided courtesy of Abu-Ghazaleh Translation, Distribution and Publishing.
Return to top
Basel II initiative of the Bank for International Settlements (BIS)
Basel II requires banks to collect and exchange huge amounts of data, including customer data falling under data protection legislation. To find out more and collect facts on the problems that banks experience in the field of Basel II and data protection, ICC developed a questionnaire.
Related documents:
Return to top
Privacy Toolkit
Effective and appropriate privacy protection is a business enabler, not a barrier. It is a way to ensure consumer confidence and trust, and an enabler of lasting and fruitful customer relationships. Global business supports the use of a wide range of privacy enabling measures, and recognizes that there is no ‘one size fits all’ approach to privacy protection. This Toolkit sets out the business context for privacy protection and describes the characteristics and benefits of optimal privacy protection regimes.
ICC advocates consensus on principles for the use of personal data, and flexibility on the many mechanisms that can be used to apply these principles and ensure compliance. This Toolkit points out the potential adverse effects of relying too heavily on overly burdensome and legislation-centered approaches to privacy protection. It concludes with a set of action items for governments to promote appropriate and effective privacy protection regimes.
Related documents:
Return to top
For more information please contact:
Elizabeth Thomas-Raynaud
Policy Manager
Tel: +33 1 49 53 28 07
Fax: +33 1 49 53 28 59
Email: Click here to send an email
Back to EBITT Commission page
| 
