“This issue is not going to just disappear,” says Klosek. “The war on terror has reduced privacy rights in the United States and around the world. The bottom line is whether the feds are leaning on your company for records or you’ve suffered a security breach by hackers, your reputation is at stake and you’ve lost your customers’ trust.”
Klosek routinely advises businesses to follow all privacy measures required by law. In addition to these measures, she offers her clients the following additional tips:
1. Conduct an Internal Audit. Before you can inform your consumers about your privacy policies and practices, you must first understand what they are. Businesses should conduct an internal audit to understand: what data they are collecting, how they are using that data, with whom they are sharing that data, how that data is being protected and related issues.
4. Plan Ahead and Be Prepared for the Inevitable. Anticipate the fact that your company could face a government subpoena demanding your client’s personal information records. By understanding that this can happen, you can suitably prepare your policies in order to set your clients’ and customers’ expectations regarding the privacy of their personal information. This may help you to avoid making a strong privacy promise to consumers that governmental demands will not allow you to keep.
5. Seek Prior Consent. It’s a smart idea to obtain prior consent from your consumers/clients about potential personal data transfers that could be subpoenaed by the government. The same holds true for other types of transfers, including transfers to business partners and service providers.
6. Conduct Due Diligence When Outsourcing. Examine the third-party service provider’s experience with privacy and data security. Investigate any privacy complaints the service provider has faced and make sure you’re complying with all U.S. and foreign laws when outsourcing.
7. Protect Your Website. It’s good practice to implement a web monitoring program that automatically runs privacy scans to ensure that the site hasn’t been compromised and that privacy measures remain intact.
Protecting customers’ privacy is becoming a more cumbersome task with the advances in technology and the war on terror. “Ironically, the erosion of individual privacy rights here and abroad occurs under the guise of enhancing national security,” says Klosek. “The surprising fact is that this so-called greater protection renders private citizens more exposed than ever before.”
About Jacqueline Klosek
Jacqueline Klosek is a Senior Counsel in Business Law Department of Goodwin Procter LLP, where she practices in the Intellectual Property Practice Area. She is the author of two prior books: ‘The Legal Guide to e-Business” and “Data Privacy in the Information Age” as well as numerous articles.
Klosek is a Certified Information Privacy Professional. She serves on the Advisory Board for “The Privacy Advisor” of the International Association of Privacy Professional and is the co-chair of the International Working Group of that organization. She is also an active member of the American Bar Association, the International Bar Association and the International Association of Young Lawyers.
Klosek is a graduate of the Vrije Universiteit in Brussels (LLM, European and International Law); Benjamin N. Cardozo School of Law (JD, Law) and New York University (BA, Psychology).