出版社:International Association for Computer Information Systems
摘要:The European Commission’s Directive on Data Protection (95/46/EC) has the potential to have enormous impact on US firms’ business practices if they deal with the personally identifiable information of EU subjects. The Directive has extraterritorial effect; it is intended to be enforced on businesses outside the EU. US firms are not necessarily accustomed to the exercise of extraterritorial authority through the DDP, and they have to deal with issues around the Safe Harbor and Contractual Clause methods of compliance. Furthermore, there are questions of whether organizations will actually comply with the DDP. For US firms it would be useful to have an understanding of the historical underpinnings of the DDP, their options for, and the costs and implications of, compliance, and the impact of potential changes in the DDP. This paper discusses the roots of the Directive, its provisions, options for compliance, the difficulties US firms will find in complying with the directive and its implications for US firms.
关键词:Directive on Data Protection; 95/46/EC; privacy; data protection
