U.S. companies face stricter privacy rules abroad
Computerworld - CLEVELAND -- IT managers have long known that privacy rules can have a direct impact on database design and customer relationship systems. Now, they're also learning that foreign privacy requirements can affect IT in ways that you wouldn't expect. Take the case of Eaton Corp.
Eaton, a diversified manufacturing company here with 52,000 employees, conducts remote periodic scans of PCs at its European offices from its headquarters to ensure its systems are operating with an accurate inventory of licensed software. It also conducts remote virus scans.
But before these scans can be conducted, European rules state that the employee who works on the PC must be notified that the system is about to be scanned, said Jack Matejka, Eaton's director of IT security. The rules were intended to give employees notice if a company decided to review data files or a browser's cache files, but they also affect routine system maintenance. "This is one of the new issues that we have to learn about," he said.
And there is a lot to learn. Corporations are struggling to comply with the European Union's privacy rules as well as an emerging set of stringent data-sharing requirements in Canada.
For instance, consumer products giant The Procter & Gamble Co. in Cincinnati solved the problem of global privacy compliance by adopting a set of customer privacy rules that can meet Europe's standards, which are considered the most demanding because of provisions giving customers access to data about them and allowing them to choose how that data is used.
Adopting different privacy standards for various countries "creates added cost and potential problems," said Mel Peterson, Procter & Gamble's privacy manager. But that wasn't the only reason for adopting the higher standard. Strong privacy rules also build customer trust, he said.
"If you're not giving [consumers] control, why should they have any confidence in giving information to you?" said Peterson, at the Privacy 2001 conference sponsored by the Ohio Supercomputer Center's Technology Policy Group in Columbus, Ohio.
Companies operating in the U.S aren't required by law to offer any specific privacy protections unless they are in a regulated industry, such as financial services and health care. But foreign privacy standards will affect more U.S. companies, primarily because of actions by Canada, the U.S.'s largest trading partner.
Canada is phasing in a set of privacy rules similar to the European rules. Beginning this year, it applies to regulated Canadian businesses, including airlines, banks and telecommunications firms. Once it's fully implemented, the law will cover any business that collects personally identifiable information.
Giving customers choice on how information is used "is a better way to earn their loyalty," said Peter Cullen, the chief privacy officer at the Royal Bank of Canada in Quebec. "We think of this more as a business opportunity as opposed to a regulatory burden or law."
Related stories:
- Watchdog group rips financial firms on privacy practices, Aug. 29, 2001
- Canada's privacy law changing some privacy policies, Aug. 17, 2001
- The politics of privacy , Aug. 13, 2001
Privacy
Additional Resources



Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.
White Papers & Webcasts
Data Manager Report Excerpt: File System Inventory
Cut storage costs and boost operational efficiencies.
Data Protection and Disaster Recovery with iSCSI and VMware
Get this on demand webcast now
Reducing Storage Costs with F5 ARX
Save money- deploy ARX Solutions.
Key Strategies for Managing Data Growth
What are you storage challenges?
Southern Company
Download Now
Extending Client Refresh - 11 Steps to Maximize Savings
Register Now!
Defending Against the Storm
Download Now
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Share our Strength
Download Now
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
