United States Government Publishing Office
publisher
pbl
distributor
dst
United States
National Archives and Records Administration
Office of the Federal Register
author
aut
Government Organization
text
government publication
eng
FR
Regulatory Information
1999_register
executive
2010-09-24
article
Reports and Guidance Documents; Availability etc.; European Union's Directive on Data Protection; Compliance Guidance for U.S. Organizations
Notices
D09002ee1bdfd1a7b
D09002ee1bdfd1b09
United States
Department of Commerce
originator
org
United States Government Agency or Subagency
United States
International Trade Administration
originator
org
United States Government Agency or Subagency
The Department of Commerce has been working very closely over the last several months with the European Commission to develop clear and predictable guidance to U.S. organizations that would enable them to comply with the European Union's Directive on Data Protection. The Directive, which went into effect late last year, allows the transfer of personally identifiable data to third countries only if they provide an ``adequate'' level of privacy protection. Because the United States relies largely on a sectoral and self-regulatory, rather than legislative, approach to effective privacy protection, many U.S. organizations have been uncertain about the impact of the ``adequacy'' standard on personal data transfers from European Community countries to the United States. Last Fall, the DOC proposed a safe harbor for U.S. companies that choose to adhere to certain privacy principles. As the DOC explained then, the principles are designed to serve as guidance to U.S. organizations seeking to comply with the European Union Directive. Organizations within the safe harbor would have a presumption of adequacy and data transfers from the European Community to them would continue. Organizations could come into the safe harbor by self certifying that they adhere to these privacy principles. The decision to enter the safe harbor is entirely voluntary. As a result of the safe harbor proposal, the European Union announced last Fall its intention to avoid disrupting data flows to the US so long as the US is engaged in good faith negotiations with the European Commission. Last November, the DOC issued draft principles for review and comment by interested organizations, noting that the content of the principles was of course crucial to the proposal. The DOC received numerous written comments in response to that draft and countless additional comments and suggestions in the subsequent months through extensive discussions with interested parties. Generally, the comments the DOC received supported the safe harbor concept. They also raised concerns with certain aspects of the principles, particularly access and onward transfer. Because the principles are quite broad and general, questions were also raised about how they would be applied in specific circumstances. DOC consultations also made clear that US organizations would welcome additional information on the benefits of being in the safe harbor and the procedures that would be followed when they were in the safe harbor. The comments the DOC received have been extremely valuable both in helping the DOC understand how data is protected in practice and in working with the European Commission to find appropriate solutions to issues raised in DOC/EC discussions. Concurrently with DOC discussions with US organizations, the DOC has had extensive discussions with the European Commission about the content and contours of the safe harbor as well as on the comments raised by US organizations. On the basis of our discussions with US negotiators and the EU Commission, the DOC has further refined the safe harbor principles to account for the many views expressed and those of our European counterparts.
64 FR 19747
https://www.govinfo.gov/app/details/FR-1999-04-22/99-10145
99-10145
fr22ap99-29
3510-DR-P
https://www.govinfo.gov/app/details/FR-1999-04-22/99-10145
https://www.govinfo.gov/content/pkg/FR-1999-04-22/html/99-10145.htm
https://www.govinfo.gov/content/pkg/FR-1999-04-22/pdf/99-10145.pdf
2 p.
19747
19748
64 FR 19747
Reports and Guidance Documents; Availability etc.; European Union's Directive on Data Protection; Compliance Guidance for U.S. Organizations; Federal Register Vol. 64, Issue
NOTICE
99-10145
DEPARTMENT OF COMMERCE
International Trade Administration
3510-DR-P
99-10145
Notice of publication.
The Department of Commerce has been working very closely over the last several months with the European Commission to develop clear and predictable guidance to U.S. organizations that would enable them to comply with the European Union's Directive on Data Protection. The Directive, which went into effect late last year, allows the transfer of personally identifiable data to third countries only if they provide an ``adequate'' level of privacy protection. Because the United States relies largely on a sectoral and self-regulatory, rather than legislative, approach to effective privacy protection, many U.S. organizations have been uncertain about the impact of the ``adequacy'' standard on personal data transfers from European Community countries to the United States. Last Fall, the DOC proposed a safe harbor for U.S. companies that choose to adhere to certain privacy principles. As the DOC explained then, the principles are designed to serve as guidance to U.S. organizations seeking to comply with the European Union Directive. Organizations within the safe harbor would have a presumption of adequacy and data transfers from the European Community to them would continue. Organizations could come into the safe harbor by self certifying that they adhere to these privacy principles. The decision to enter the safe harbor is entirely voluntary. As a result of the safe harbor proposal, the European Union announced last Fall its intention to avoid disrupting data flows to the US so long as the US is engaged in good faith negotiations with the European Commission. Last November, the DOC issued draft principles for review and comment by interested organizations, noting that the content of the principles was of course crucial to the proposal. The DOC received numerous written comments in response to that draft and countless additional comments and suggestions in the subsequent months through extensive discussions with interested parties. Generally, the comments the DOC received supported the safe harbor concept. They also raised concerns with certain aspects of the principles, particularly access and onward transfer. Because the principles are quite broad and general, questions were also raised about how they would be applied in specific circumstances. DOC consultations also made clear that US organizations would welcome additional information on the benefits of being in the safe harbor and the procedures that would be followed when they were in the safe harbor. The comments the DOC received have been extremely valuable both in helping the DOC understand how data is protected in practice and in working with the European Commission to find appropriate solutions to issues raised in DOC/EC discussions. Concurrently with DOC discussions with US organizations, the DOC has had extensive discussions with the European Commission about the content and contours of the safe harbor as well as on the comments raised by US organizations. On the basis of our discussions with US negotiators and the EU Commission, the DOC has further refined the safe harbor principles to account for the many views expressed and those of our European counterparts.
Federal Register
Vol. 64, no. 77
Office of the Federal Register, National Archives and Records Administration
1999-04-22
continuing
daily
deposited
born digital
189 p.
Table of Contents:
AE 2.7:
GS 4.107:
AE 2.106:
KF70.A2
https://www.govinfo.gov/app/details/FR-1999-04-22
P0b002ee180a69b2f
0097-6326
0042-1219
0364-1406
769-004-00000-9
000582072
f:fr22ap99
https://www.govinfo.gov/app/details/FR-1999-04-22
https://www.govinfo.gov/content/pkg/FR-1999-04-22/pdf/FR-1999-04-22.pdf
fdlp
19685
19861
DGPO
2010-09-24
2023-05-05
FR-1999-04-22
machine generated
eng
FR
FR-1999-04-22
64
77