HIPAA news
HIPAA advisory
HIPAAdvisory > HIPAAnews > Current News Phoenix Health Systems
news
regs
action
tech
views
wares
alert
live
notes
latest
online HIPAA training
HIPAAstore
HIPAA help desk
search
contact us
site map

EU Web Sites No More Private than US

January 25, 2001 -- Existing measures put in place by various governments to protect people's privacy is not adequate, according to a study released today by Consumers International, a global federation consumer organizations. Despite tight EU regulation, sites within the EU are no better at telling users how they use their data than sites based in the US. Indeed, some of the best privacy policies were found on US sites.

Additionally, the study concluded that:

  • Just over two thirds of sites collect some sort of personal information and almost all of these sites asked for details that made it easy to identify and contact the person.
  • The vast majority of sites gave users no choice about being on the site's own mailing list or having their name passed on to affiliates or third parties.
  • The most popular US sites were more likely than the EU ones to give users a choice about being on the company's mailing list or having their name passed on, despite the existence of legislation which obliges EU-based sites to provide users with a choice.
  • Only ten percent of sites targeting children asked children to get their parents' consent before giving personal information or to tell their parents afterwards.

"Too many companies collect a lot of unnecessary, very personal information about their customers - and because of inadequate implementation of existing government measures people don't have control over their data," says Anna Fielder, Director of the Office for Developed and Transition Economies of Consumers International.

Consumers International is now calling for policy makers at the national and international level to take urgent action to adopt laws, rules and procedures as necessary to ensure that:

  • users are given control over the collection, use and disclosure of their personal information and that personal information is only collected and held as long as necessary to fulfill the original purpose for collecting it
  • users can easily check, correct or delete any data a sites may hold about them and that it is collected, stored and transmitted in a secure manner appropriate to the sensitivity of the data;
  • an independent oversight body is established to ensure compliance, provide for adequate sanctions for violations and give cheap and quick access to redress;

Likewise, companies immediately need to incorporate internal practices in line with all existing legislation and guidelines regarding privacy of personal data.

The report by Consumers International provides a five-point plan for people to protect themselves from misuse of private information in e-commerce. The five-point plan is:

  1. Limit disclosure of your personal information.
  2. Set up a separate e-mail account for e-commerce activities.
  3. Reject cookies planted in your computer by intrusive businesses.
  4. Consider using an Internet privacy tool which allows you to surf anonymously.
  5. Learn about your legal rights and be prepared to use them.

The survey, conducted between March and July 2000 by 13 national consumer organizations, identified and examined 751 Internet sites based in the EU or US where consumers were likely to be asked to give personal information. This included retail sites, financial sites, health-related sites, sites targeting children and the most popular or heavily used sites on the web.

The full report is available here and the 5 point check list here.

Go to TOP