The IT Law Wiki
Explore
Main Page
All Pages
Community
Interactive Maps
Random page
TopContent
Most Visited Pages
Cell phone
Radio frequency spectrum
RFID tag
Cloud consumer
Internet
Newly Changed Pages
Computer terminal
Persuasive evidence
Website operator
Bfdi
Email bombing
Pornography
Message modification
Most Popular Pages
community
Community portal
forum
FANDOM
Fan Central
BETA
Games
Anime
Movies
TV
Video
Wikis
Explore Wikis
Community Central
Start a Wiki
Don't have an account?
Register
Sign In
Sign In
Register
The IT Law Wiki
34,539
pages
Explore
Main Page
All Pages
Community
Interactive Maps
Random page
TopContent
Most Visited Pages
Cell phone
Radio frequency spectrum
RFID tag
Cloud consumer
Internet
Newly Changed Pages
Computer terminal
Persuasive evidence
Website operator
Bfdi
Email bombing
Pornography
Message modification
Most Popular Pages
community
Community portal
forum
Editing
Fair Information Practice Principles
(section)
Back to page
Edit
Edit source
View history
Talk (0)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== Self-regulation === To be effective, [[self-regulation|self-regulatory regimes]]<ref>The [[European Union]] ("EU") has recognized that [[self-regulation]] may in certain circumstances constitute "adequate" [[privacy]] protection for purposes of the [[Directive on the Protection of Personal Data|EU Directive]]'s ban on [[data transfer]] to countries lacking [[Adequate privacy safeguards|"adequate" safeguards]]. ''See'' [[Directive on the Protection of Personal Data|EU Directive]] art. 25. The [[EU]] has noted, however, that non-legal rules such as industry association guidelines are relevant to the "adequacy" determination only to the extent they are complied with and that compliance levels, in turn, are directly related to the availability of sanctions and/or external verification of compliance. ''See'' [[European Commission]], [[Directorate General XV]], Working Document: [[Judging Industry Self-Regulation: When Does it Make a Meaningful Contribution to the Level of Data Protection in a Third Country?]] (1998) [hereinafter "Judging Industry Self-Regulation"][http://www.europa.eu.int/comm/dg15/en/media/dataprot/wp7.htm].</ref>should include both mechanisms to ensure compliance (enforcement) and appropriate means of recourse by injured parties ([[redress]]).<ref>Discussion Draft: [[Elements of Effective Self-Regulation for Protection of Privacy]] (1998) [hereinafter "Elements of Effective Self-Regulation"][http://www.ecommerce.gov/staff.htm] (identifying consumer recourse, verification, and consequences as elements of an effective self-regulatory regime).</ref>Mechanisms to ensure compliance include making acceptance of and compliance with a code of fair information practices a condition of membership in an industry association;<ref>''Id.'' In 1997 the [[Direct Marketing Association]] ("[[DMA]]") asked the [[FTC]] for an advisory opinion concerning whether the [[antitrust laws]] would permit it to require three things of its members: (1) to use the DMA's Mail Preference and Telephone Preference Services to honor consumers' requests to not be contacted by direct marketers; (2) to disclose to consumers how members sell or otherwise transfer [[personal information]] about those consumers to others; and (3) to honor consumers' requests that the members not sell or transfer their [[personal information]]. The FTC Bureau of Competition staff advised the [[DMA]] of its conclusion that these requirements, as the [[DMA]] described them, would not harm competition or violate the [[FTC Act]]. ''See'' Letter from Bureau of Competition Assistant Director to Counsel for the DMA, Sept. 9, 1997 ([http://www.ftc.gov/os/9710/dma.htm full-text]).</ref>external audits to verify compliance; and certification of entities that have adopted and comply with the code at issue.<ref> ''See'' Elements of Effective Self-Regulation.</ref>A self-regulatory regime with many of these principles has recently been adopted by the individual reference services industry.<ref>FTC Report to Congress/Reference Services at 25-33. It is still too early to assess the success or efficacy of this plan, because its provisions are not mandatory on its signatories until the end of the year.</ref> Appropriate means of individual [[redress]] include, at a minimum, institutional mechanisms to ensure that consumers have a simple and effective way to have their concerns addressed.<ref>There may, alternatively, be a role for mechanisms to address practices affecting consumers as a group, such as industry or trade association ethics or screening committees that can resolve broader disputes.</ref>Thus, a [[self-regulation|self-regulatory system]] should provide a means to investigate complaints from individual consumers and ensure that consumers are aware of how to access such a system.<ref>''See'' Elements of Effective Self-Regulation.</ref> If the [[self-regulation|self-regulatory code]] has been breached, consumers should have a remedy for the violation. Such a remedy can include both the righting of the wrong (''e.g.,'' correction of any misinformation, cessation of unfair practices) and compensation for any harm suffered by the consumer.<ref>Several fair information practice codes suggest compensation for injuries as an important element of fair information practice. ''See'' HEW Report at 50 (calling for Code of Fair Information Practices that provides for [[actual damages|actual]], [[liquidated damages|liquidated]], and [[punitive damages]]); OECD Guidelines, Accountability Principle & ¶14 and Explanatory Memorandum ¶62 (accountability supported by legal sanctions); IITF Report §III.C ("envision[ing] various forms [of redress] including . . . informal complaint resolution, [[mediation]], [[arbitration]], civil litigation . . . ."); see also Judging Industry Self-Regulation at 5.</ref> Monetary sanctions would serve both to compensate the victim of unfair practices and as an incentive for industry compliance. Industry codes can provide for [[alternative dispute resolution]] mechanisms to provide appropriate compensation.
Summary:
Please note that all contributions to the The IT Law Wiki are considered to be released under the CC-BY-SA
Cancel
Editing help
(opens in new window)
Follow on IG
TikTok
Join Fan Lab