Abstract
Information-technology managers at US companies are likely to be affected by recent legislation in the European Union and in Canada that restricts the transfer of citizen's personal information to countries that do not protect that information adequately. We argue that, from both ethical and pragmatic perspectives, US businesses should reject the voluntary, self-certifying approach to data protection currently in favor in the United States. US businesses should advocate instead for a European approach that mandates stronger data protection and establishes a government agency charged with enforcing it. If the US adopted a European approach to data privacy, US businesses would attract more customers and avoid the legal problems that are likely to result when European and Canadian data-privacy authorities begin to enforce their new laws vigorously.
| Original language | English |
|---|---|
| Pages (from-to) | 85-94 |
| Number of pages | 10 |
| Journal | IEEE Transactions on Professional Communication |
| Volume | 47 |
| Issue number | 2 |
| DOIs | |
| State | Published - Jun 2004 |
Keywords
- Data privacy
- Data protection
- E-commerce
- EPIC
- Ethics
- European union data protection directive
- Multinational companies
- Personal information
- Personal information protection and electronic document act (PIPEDA)
- Privacy legislation
- Seal programs