|
|
[Home] [Databases] [Search] [Feedback] [Help] | |
Privacy Law Resources |
Company specific privacy standards are a means of displaying a company's commitment to privacy, without the need for wider regulation, and may become useful instruments for persuading consumers to accept certain privacy sensitive products, including smart cards.
"The key factors in moving smart card technology beyond the pilot project stage will be its social acceptability, which will only develop if the public is assured that it is not a prying, pervasive technology, and that the value of smart cards in terms of efficiency does not override the rights and needs of individuals (eg. dignity, autonomy and privacy)." 49
The idea that a privacy standard can be developed and implemented by an individual firm or organisation, rather than by the entire industry or sector, has received some support in Canada, where the Ontario Privacy Commissioner has proposed the following privacy protection requirements for all smart card applications:
Smart card systems should be open and transparent to data subjects;
Data subjects should have the right to participate in the determination of what personal information the card contains and who has access to it;
Data subjects should have the right of access to and correction of information held about them;
All uses and disclosures of information on the card should be subject to the prior and informed consent of the data subject;
Where possible, individuals should be free to refuse the card without jeopardising their access to the service involved;
The full measure of security available through the technology should be used to prevent misuse or inadvertent access. The use of smart cards to conduct computer matches or linkages should be restricted; and
Smart card technology should only be used by government organisations to enhance access to government information and services and not as an instrument of social control.
Figure 5 provides an explanation of how these proposed company specific standards might be implemented by the preparation of a privacy impact statement. Companies would have to prepare these statements for each proposed smart card application.
The Committee believes that voluntary company specific privacy standards are a weak form of regulation, and that general privacy legislation backed up by industry codes will achieve a better result for a much wider population, and provide a much higher level of protection.
Reliance on individual companies to protect privacy has not worked in the past, and there is nothing to indicate that smart card companies will draw up privacy impact statements, or develop their own privacy standards. Where companies do draw up their own privacy standards, these standards are often advertised in such a way as to imply that they provide complete privacy protection, but in the Committee's experience, this is rarely the case.
Individual companies are also unlikely to have staff with experience and expertise in developing methods of protecting privacy.
The Committee believes it is important to have some form of mechanism for the independent review of a company's privacy standards, and an independent complaints handling procedure. These aims are best met by general privacy legislation and industry wide codes.
PRIVACY IMPACT STATEMENTS
To implement the proposed privacy standard, the Ontario Privacy Commissioner suggests that a privacy impact statement is developed by each smart card promoter.
The statement should include the following as a minimum:
a description of the proposed smart card application;
a discussion of how the proposed application is in compliance with current legislation;
an evaluation of the probable or potential effects that the proposed smart card application would have on the privacy of the data subjects and users;
a discussion of what methods will be introduced to restore any lost degree of privacy should the introduction of a smart card application compromise existing levels of privacy enjoyed by data subjects;
a description of all the personal information to be collected for the entire application, the manner of collection, the method of notification, and the reasons why that information is necessary and relevant;
a description of the personal information to be held on the card and why;
a listing of the proposed authorised users and what levels and/or types of access would be provided;
a description of the proposed procedures for data subjects to gain access to, and correct their personal information, including a mechanism for appealing denial of access or correction;
a description of the procedures to be used to ensure, as much as possible, the accuracy and timeliness of all personal information;
a description of all the security measures to be used to ensure the protection of personal information and to restrict the possibility of unauthorised computer matching or linkages;
a description of what previously unavailable/available personal information the proposed application would reveal or protect, make available or unavailable to any party; and
identification of the individual(s) responsible for the on-going assurance of security and privacy protection. 50
Figure 5.