Speaking before the House Subcommittee on Commerce, Trade and Consumer Protection Thursday, Jerry DeVault, national leader of Ernst & Young's Innovative Assurance Solutions practice, called for widespread adoption of independent third-party verification of privacy policies as an industry best practice to assure consumer trust and confidence online.
The hearing, Information Privacy: Industry Best Practices and Technological Solutions, also plans to hear speakers from Microsoft, Webwasher, Reciprocal, Zero-Knowledge Systems. SafeWeb, Engage, the Better Business Bureau, the Electronic Privacy Information Center, and the Direct Marketing Association.
In his testimony DeVault said that privacy policies posted online -- once rare, but now common among leading sites -- are not enough.
"The mere existence of a privacy policy -- even a policy that includes standard components -- is not as impressive as it once was," DeVault testified. "Promises alone don't earn consumers' trust. Making a declaration to provide notice, choice, access and security will only work if consumers can trust that companies will enforce them."
In the private sector, DeVault noted that: "Leading companies are recognizing that it is not enough to say what they will do with personally identifiable information. Businesses must also prove to consumers that they are doing what they say they are doing."
To accomplish this, DeVault told the House Subcommittee that top companies find it valuable to provide consumers and other stakeholders with more assurance about their actions by earning independent verification reports.
"Leading companies are proactively having third parties test their assertions regarding the people, processes, and technologies that operate and enforce their stated practices," said DeVault. "This additional step of robust testing requires a company to 'earn' a compliance report rather than simply agreeing to comply with a set of self-regulatory requirements stated on a Web site. Businesses, increasingly looking for a more effective private sector solution to privacy, are turning to independent third parties for verification of their practices."
DeVault added that using independent third parties for privacy assurance could " stave off more draconian governmental measures that could unduly impede private sector initiatives."
LATEST NEWS
UCSD Plans First Flash-Based Supercomputer
Digging Into N.Y.'s Antitrust Suit Against Intel
Analyst: Sony-Ericsson's Android Bid Is Late
Coupon Site Targets Black Friday, Cyber Monday
Microsoft Sites Up Big in Time Spent Online







Digg
Del.icio.us
Facebook
Google
StumbleUpon
Technorati
More stories by this author
