|
|
|||
|
|
OECD Privacy-D
What Is This Page? This page is a discussion of my privacy policies, in accordance with the privacy principles established by the Organization for Economic Cooperation and Development (OECD). This page was developed, in part, through the use of the OECD Privacy Statement Generator located at cs3-hq.oecd.org/scripts/pwv3/pwhome.htm. The resulting statement has been substantially edited both to fit the style and tone of this site as well as the secondary educational goals of this page. In addition, all of the substance of these notices are also provided on my Privacy Statement page. But this OECD page presents them in a slightly different order and a slightly different form. Other Privacy Pages On My Site General Privacy Page The general privacy page provides an overview of all of my privacy policies. Although it is lengthy and thorough, I still think it is easy to read. You might even find a bit of humor if you look for it. It also provides links to my specific privacy pages including: CIPEA Tone On Wednesday, 26.Jul.2000, Senators Spence Abraham, John McCain and John Kerry introduced the Consumer Internet Privacy Enhancement Act (CIPEA). This proposed legislation never made it into the law. But I used the law as a model to construct a privacy statement which would comply. I did it as an exercise in learning more about privacy principles. I have created a CIPEA privacy disclosure page (which I call CIPEA Tone) to clarify the the notices proposed by CIPEA (Consumer Internet Privacy Enhancement Act). All of the disclosures on the CIPEA Tone page are duplicates of disclosures on my privacy page, but they have been "organized" according to the structure of CIPEA. This page also provides background and impact information regarding CIPEA and links to other articles and resources for CIPEA. COPPA Cabana I have created a COPPA Privacy Disclosure page (which I call COPPA Cabana) to provide the notices required by COPPA (Children's Online Privacy Protection Act) related to information practices of this site regarding personal information and privacy of children. This page also provides background and impact information regarding COPPA and links to other articles and resources for COPPA. What is this Site? This site is my personal website. I use this site to explore topics I'm interested in and to promote myself. Where is this Site? I am located in the United States of America. The web host for this site is also located in the United States of America. What is OECD? The OECD is a club of like-minded countries. The 30 member countries participate in the organization to discuss, develop and perfect economic and social policy. They compare experiences, seek answers to common problems and work to co-ordinate domestic and international policies. Their exchanges may lead to agreements to act in a formal way - for example, by establishing legally-binding codes for free flow of capital and services, agreements to crack down on bribery or to end subsidies for shipbuilding. More often, their discussion serves to inform internal national work on areas of public policy and helps to clarify the impact of national policies on the international community. It is rich, in that OECD countries produce two thirds of the world's goods and services, but it is not an exclusive club. Essentially, membership is limited only by a country's commitment to a market economy and a pluralistic democracy. The core of original members has expanded from Europe and North America to include Japan, Australia, New Zealand, Finland, Mexico, the Czech Republic, Hungary, Poland and Korea. You can learn more about OECD from their website at www.oecd.org. Does OECD "Require" This Site to Post This Information? No. But I post it because I am working to remain aware of privacy issues and posting this, and similar notices, helps me to explore the different concerns and ramifications of policies. Thus, posting this information:
Where Can I See the Text of the OECD Privacy Guidelines? The OECD has established Guidelines on the Protection of Privacy and Transborder Flows of Personal Data.
(The prior link is for a "security
restricted" version of the document. That Is a Huge Document; Can You Summarize? What Does This Document Require? The guidelines create seven Privacy Principles. These are:
Collection Limitation Principle "There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject".
[Paragraph 7 of the OECD Privacy Guidelines
Data Quality Principle "Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date"
[Paragraph 8 of the OECD Privacy Guidelines
Purpose Specification Principle "The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use limited to the fulfillment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose."
[Paragraph 9 of the OECD Privacy Guidelines
Use Limitation Principle "Personal data should not be disclosed, made available or otherwise used for purposes other than those specified in accordance with Paragraph 9 [Purpose Specification Principle] of the OECD Privacy Guidelines except: a) with the consent of the data subject; or b) by the authority of law."
[Paragraph 10 of the OECD Privacy Guidelines
Security Safeguards Principle "Personal data should be protected by reasonable security safeguards against such risks as loss or unauthorized access, destruction, use, modification or disclosure of data."
[Paragraph 11 of the OECD Privacy Guidelines
Openness Principle "There should be a general policy of openness about developments, practices and policies with respect to personal data. Means should be readily available of establishing the existence and nature of personal data, and the main purposes of their use, as well as the identity and usual residence of the Data Controller."
[Paragraph 12 of the OECD Privacy Guidelines
Individual Participation Principle "An individual should have the right:
[Paragraph 13 of the OECD Privacy Guidelines
Accountability Principle "A Data Controller should be accountable for complying with measures which give effect to the principles stated above."
[Paragraph 14 of the OECD Privacy Guidelines
What Is "Personal Data"? The OECD Privacy Guidelines use "Personal data" in the broadest possible way. It includes "any information relating to an identified or an identifiable individual". Thus, it includes any kind of information once linked with an individual. What "Personal Information" Does This Site Collect? I offer three opportunities for people visiting my site to give me "personal information":
I also collect information through the webserver (e.g., the referring URL), but that information is never associated with an individual and is not "personal information" for these purposes. Even though the webserver information is not considered "personal information" I discuss it on this page for completeness. Information Collected By the Webserver If you visit this site, the webserver will automatically collect:
Information Collected for Email/Ezine Lists When you join any of my email/ezine lists (e.g., Snippets and TestZine), I keep your email address (because it really wouldn't make much sense to have an email/ezine list if I didn't keep your email address). And I keep information necessary to provide an audit trail in order to comply with the CAN-SPAM Act of 2003. Here is a list of Subscription Information that I keep for all email/ezine lists I host on my site using my Gammadyne Mailer system: Personal and Status Information
Current Issue Information
Subscription Process Information
Unsubscription Process Information
Pending Confirmation Information
Miscellaneous Information
EzinePrivacy.org I follow the Core Principles of Ezine Privacy from EzinePrivacy.org. I defend the privacy of ezine subscribers and never track personal information, like when you open my ezine and whether you forwarded it to a friend. Information Collected Through My Guestbook If you sign my Guestbook, the Guestbook will show whatever information you leave. If you leave me your email address, it will show your email address. If you leave your name, it will show that. If you leave the URL of your website, it will show that. If you leave your name, your dog's name and your birthday, it will show that. Information Collected Through Email to Me If you send me an email, I will have your email address as well as anything else you tell me. Cookies I don't use cookies. Period. Children's Data I don't knowingly collect data from children. I use simple tools to discourage disclosure by children. And, if I discover personal data from children, I delete it. For more information, see my COPPA Cabana page. What Is a "Data Controller"? The Data Controller is an important figure in the OECD scheme. In stating the Openness Principle, Paragraph 12 of the OECD Privacy Guidelines says:
In stating the Accountability Principle, Paragraph 14 of the OECD Privacy Guidelines says:
In the definitions of the OECD Privacy Guidelines it says:
Note that the Data controller may be a natural person or a "legal person". Thus, it could be an individual. Or, alternatively, it could be a public authority, an organization, a department within an organization or a board of directors. Who is the Data Controller for this Site? I am the Data Controller for this site. My contact information is:
Collection Limitation Principle
[Paragraph 7 of the OECD Privacy Guidelines
You can access the pages of this site without disclosing any personal information. As stated before, I offer three opportunities for people visiting my site to give me "personal information": All such data collection occurs lawfully and by fair means and with the full knowledge and consent of the data subject. Data Quality Principle
[Paragraph 8 of the OECD Privacy Guidelines
As stated before, I offer three opportunities for people visiting my site to give me "personal information": In each of these cases, the relevance is either dictated by the nature of the use (e.g., an email address for an email list) or is independently deemed relevant by the data subject. All such information can be easily updated at any time using the same techniques used to originally supply the information. Purpose Specification Principle
[Paragraph 9 of the OECD Privacy Guidelines
As stated before, I offer three opportunities for people visiting my site to give me "personal information": In each of these cases, the purpose is specified at the time of the data collection or earlier. The information is only used for these purposes. (e.g., an email address for an email list is only used for the email list). Use Limitation Principle
[Paragraph 10 of the OECD Privacy Guidelines
As stated before, I offer three opportunities for people visiting my site to give me "personal information": As far as whether I would give it to third parties, let me quote from my Privacy Statement page:
Security Safeguards Principle
[Paragraph 11 of the OECD Privacy Guidelines
As stated before, I offer three opportunities for people visiting my site to give me "personal information": Except for Guestbook information (which is shared with the whole world) all information provided is protected against loss or unauthorized access, destruction, use, modification or disclosure. Openness Principle
[Paragraph 12 of the OECD Privacy Guidelines
I am very open about my policies relating to personal data. I offer a general privacy statement, a COPPA compliance statement, a CIPEA compliance statement and this OECD disclosure. I fully disclose what data is collected, how it is collected and what it is used for. I also fully disclose the identity and usual residence of the Data Controller (who, if you haven't figured it out by now, is me.) Individual Participation Principle
[Paragraph 13 of the OECD Privacy Guidelines
Yep. I do that. General If you'll email me, I'll tell you how to check to see if I have any personal information about you. Email/Ezine Information If you are subscribed, you get the emails. If you are not subscribed, you do not. Guestbook Information If you view the guestbook, you can see the information I have. Email Information I don't keep this information and routinely purge it. Accountability Principle
[Paragraph 14 of the OECD Privacy Guidelines
Yep. I do that too. Links On My Site
Links Across the Net
|
Privacy Statement
Organization for Economic Co-operation and Development (OECD)|
This page created: before Sun, 26.Nov.2001
Last updated: |
|
|
|
|
|
|
|
|
||
|
|
|
|
|
|