The transfer of data across geographic boundaries is a challenge for multinational corporations and government entities, he says. The laws in Europe, for example, dictate where data can be moved, says Thompson, a well-known application security expert who teaches at several universities and co-authored four books. Overall, there is a big cultural difference in how the United States treats privacy and how it is regarded in Europe. “We don’t have anything in the United States that specific,” says Hugh Thompson, program committee chairman of the RSA Conference, the security industry’s largest trade event. While the United States endorsed the OECD’s recommendations, it never implemented them. Europeans, far more sensitive to the possibility of data exposure, owing to their experiences under authoritarian regimes during World War II, passed the Data Protection Directive, which offers a comprehensive system throughout the EU that incorporates recommendations made 30 years ago by the Organisation for Economic Cooperation and Development (OECD), an organisation comprised of 34 countries that was founded in 1961. Despite 46 states having breach notification laws, and compliance mandates that order adherence to privacy restrictions, such as Sarbanes-Oxley and HIPAA, this country lags the European Union in prescriptive requirements, experts say.
0 kommentar(er)
