TulipTools Internet Business Owners and Online Sellers Community

TulipTools Internet Business Owners and Online Sellers Community > Internet Business Legal Issues > Internet Business Legal Issues Discussion > Privacy > Best Privacy Practices for Online Service Providers
Full Version: Best Privacy Practices for Online Service Providers
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Kristijntje

06-21-2008, 11:27 AM
New privacy whitepaper from the EFF:

Quote:Summary of Recommendations

  1. Develop procedures for dealing with legal information requests and providing notice to users.
  2. Work with both attorneys and engineers to develop a privacy policy that fits your OSP’s practices.
  3. Collect the minimum amount of information necessary to provide OSP services.
  4. Store information for the minimum time necessary for operations.
  5. Effectively obfuscate, aggregate and delete unneeded user information.
  6. Maintain written policies addressing data collection and retention.
  7. Enable SSL as much as possible throughout your site to secure users’ information and communications.
  8. Understand threats to the security of sensitive information and communications on your systems, and mitigate them appropriately.
  9. Follow best-practice principles for the use of cookies on your site.
  10. Insist that the OSPs and other service providers you work with observe these best practices, too.

announcement: http://www.eff.org/deeplinks/2008/06/osp-best-practices
the white paper: http://www.eff.org/wp/osp
TulipTools Internet Business Owners and Online Sellers Community > Internet Business Legal Issues > Internet Business Legal Issues Discussion > Privacy > Best Privacy Practices for Online Service Providers