EU-US Privacy Shield~by Paul Harris, Global-Z Marketing Manager

Are you ready for the new Privacy Shield regulations? The new EU-US agreement is bringing some major changes for American businesses that process European customer data. While many more questions are yet to be answered about Privacy Shield’s impact, we collected the top most frequently asked questions to help you better understand the regulations.

 

 

  • What is Privacy Shield?
    • On July, 12th 2016 the European Commission (EC) adopted the new EU-U.S. Privacy Shield (formerly known as EU-US Safe Harbor). The new Privacy Shield framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States, as well as bringing legal clarity for businesses relying on transatlantic data transfers.
    • Privacy Shield is a voluntary self-certification to the US Department of Commerce. Once a company publicly commits to Privacy Shield, it is enforceable under US law. It includes multiple avenues of redress to resolve complaints. The agreement is a ‘living commitment’ with annual reviews. Companies who certify with Privacy Shield must select an independent dispute resolution organization that include the following criteria.
      • Panel created by the EU Data Protection Authorities (DPA’s).
      • Accredited organization in EU.
      • Accredited organization in US.
  • What are the principals Privacy Shield is based on?
  • How does it affect my business?
    • From the perspective of U.S. companies, the framework has tightened restrictions on forwarding Europeans’ personal data to other companies. In the technology sector in particular this is going to require a lot more attentiveness on the part of those directly serving Europeans. The companies serving the customers will remain responsible for their personal data, even if the work is outsourced by subcontractors. Companies on the Privacy Shield register will also have to pledge to not collect more personal information that what they need for the purposes of their service.
  • When can we certify with Privacy Shield?
    • Going forward the Privacy Shield framework will be published in the US Federal Register. Once US companies have had an opportunity to review the framework and update their compliance, they will be able to certify with the US Department of Commerce starting August, 1st 2016. Companies should also assess Privacy Shield’s impact on their EU-U.S. data transfer strategy. In particular, there is a limited “grace period” available in that companies who self-certify within two months of Privacy Shield’s effective date will be given a nine month transitional period to address relationships with third parties.
  • Will it cost me to certify?
    • The total cost estimates are still unknown but costs will depend on your business size and a fee charged by your independent dispute resolution organization.
  • Does the recently announced “Brexit” (British exit from the EU) impact the new framework?
    • No, Brexit will have no immediate impact on Privacy Shield. The exit is expected to take at least two years minimum to fully occur and if changes happen within that timeframe, we will be sure to let you know.
  • Should I seek legal counsel?
    • Privacy Shield will be complex; we strongly recommend consulting legal counsel with international privacy law expertise.  If you would like to discuss Privacy Shield in greater detail and/or the specific impact on your company feel free to contact us any time.

For more information regarding the Privacy Shield framework please see the US International Trade Administration’s press release. Also, the US Department of Commerce has issued a “Fact Sheet” overview of the EU-US Privacy Shield Framework it can be viewed here.

EU-US Privacy Shield(Note: This article is an update on our first article about Privacy Shield posted in the February  2016 edition of GZ News.)

~by Paul Harris, Marketing Director

On July, 12th 2016 the European Commission (EC) adopted the new EU-U.S. Privacy Shield. The new Privacy Shield framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States, as well as bringing legal clarity for businesses relying on transatlantic data transfers.

Global-Z CEO and Co-Founder Dimitri Garder said: “In the upcoming weeks and months we will update our clients and partners regarding how the new Privacy Shield framework will impact our global data processing solutions.”

According the press release issued by the European Commission, EU-U.S. Privacy Shield is based on the following principles:

  • Strong obligations on companies handling data. The U.S. Department of Commerce will conduct regular updates and reviews of participating companies, to ensure they follow the rules they submitted themselves to. If companies do not comply with them, they face sanctions and removal from the list. The tightening of conditions for the onward transfers of data to third parties will guarantee the same level of protection in case of a transfer from a Privacy Shield company.
  • Clear safeguards and transparency obligations on U.S. government access. The US has given the EU assurance that the access of public authorities for law enforcement and national security is subject to clear limitations, safeguards and oversight mechanisms. Everyone in the EU will, also for the first time, benefit from redress mechanisms in this area. The U.S. has ruled out indiscriminate mass surveillance on personal data transferred to the US under the EU-U.S. Privacy Shield arrangement. The Office of the Director of National Intelligence further clarified that bulk collection of data could only be used under specific preconditions and needs to be as targeted and focused as possible. It details the safeguards in place for the use of data under such exceptional circumstances. The U.S. Secretary of State has established a redress possibility in the area of national intelligence for Europeans through an Ombudsperson mechanism within the Department of State.
  • Effective protection of individual rights: Any EU citizen who considers that their data has been misused under the Privacy Shield scheme will benefit from several accessible and affordable dispute resolution mechanisms. Ideally, the complaint will be resolved by the company itself; or free of charge Alternative Dispute resolution (ADR) solutions will be offered. Individuals can also go to their national Data Protection Authorities, who will work with the Federal Trade Commission to ensure that complaints by EU citizens are investigated and resolved. If a case is not resolved by any of the other means, as a last resort there will be an arbitration mechanism. Redress possibility in the area of national security for EU citizens’ will be handled by an Ombudsperson independent from the US intelligence services.
  • Annual joint review mechanism: the mechanism will monitor the functioning of the Privacy Shield, including the commitments and assurance as regards access to data for law enforcement and national security purposes. The European Commission and the U.S. Department of Commerce will conduct the review and associate national intelligence experts from the U.S. and European Data Protection Authorities. The Commission will draw on all other sources of information available and will issue a public report to the European Parliament and the Council.

Next steps: Privacy Shield framework will be published in the US Federal Register. The U.S. Department of Commerce will start operating the Privacy Shield. Once US companies have had an opportunity to review the framework and update their compliance, companies will be able to certify with the Commerce Department starting August 1st. Companies should assess Privacy Shield’s impact on their EU-U.S. data transfer strategy. In particular, there is a limited “grace period” available in that companies that self-certify within two months of Privacy Shield’s effective date will be given a nine month transitional period to address relationships with third parties.

Please see the US International Trade Administration’s press release for additional information.

Bad_Habits~by Katie Favreau, Jennifer Martell & Paul Harris

We know good data when we see it, and we also know when it’s not so good. That’s why we decided to give you some insight to some of our top “Bad Data Habits” that we see frequently in global databases. Here are some of the our top bad habits.

Recieve A Free Data Assessment

  • Trying to store international addresses in a database meant for USA.

This habit is common on data capture forms that were designed without consideration for global address systems. All address systems are not the same and when you have a required “state” field in a country that doesn’t have any states, you’re bound to end up with a some data problems. Do your homework and know your market. If the database you’re creating will reach a global customer, you should consider how the data will be entered and stored.

See the example below of a good global data capture form.Global Data Capture Form

  • Proper fielding when data entering is essential.

The best example here is not requiring a “country” field. If a contact has only a street address and name without an identified country, that makes the address not correctable. Our earth has many people and without some essential data points, it’s like finding a needle in a really big haystack.

  • Excel corrupting data.

Excel is without a doubt a powerful tool. However, sometimes it’s not your friend. Simple commas can corrupt your data fields if you’re not careful. We’ve seen excel do some funky things in the past and we recommend you are very careful when storing data in excel. The more data you have, the more chances you have for excel to corrupt it.

See the video below for an example of how excel can corrupt your data with its autocorrection rules.

  • Placing contact names and business names in the same field.

This is a no-no that needs to be nipped in the bud fast. These data points should always be in separate fields. Here is an example, First Name: Paul, Last Name: Harris, Company Name: Global-Z International. You shouldn’t have “Paul Harris Global-Z International” all in one field.

  • Searching for a Niche Group - Magnifying GlassNot checking for dupes when new data is entered.

Duplicate data becomes unmanageable fast. A quick check before a new record is entered in a database will prevent much anger and confusion in the long run. Nothing slows you down like doing a look-up on the name “John Smith” only to find you have 13 different “John Smith” records and all of them have conflicting information populated in the fields.

Recieve A Free Data Assessment

 

Global GenderBENNINGTON, VT.,  April 20th, 2015 — Global-Z International recently launched a new Global Name Standardization Solution that services all countries in the world. The new service is a best-in-class solution that provides valuable information to clients who care greatly about the user experience and want to get the gender references right. Global Name Standardization will identify, with a high rate of accuracy, the gender of all records in large global datasets.

The driving use case for this new solution is to clean up messy name data in order to improve data record matching rates.  Another service benefit is to improve the presentation of name information for CRM and direct marketing content.

Many improvements have been made to the Global Name Standardization solution that makes it the most competitive service in the global market. Some of the major improvements include:

  • Updated global name reference data;
  • Improved statistical data on usage of names of given gender;
  • Language-specific gender usages;
  • Usage from census information and additional sources of name data.

“We are advancing the global capabilities to a level of sophistication that some domestic solutions have had for awhile,” said Dimitri Garder, Global-Z’s CEO. “This is part of an ongoing evolution of our customer contact data solutions,” Garder added.

The Global Name solution also includes some unique features that have some exciting and potentially powerful use-cases. These features include:

  • Unisex name identification. This can be used when you have names in the data that tend to be male in one language, but female in another. The name “Jean” is a classic example. “Jean” is a female name in the English language but in French culture, it’s a male name.
  • Alternate name spelling conversions to common names. An example for this use case is the nick-name “Will” can be swapped for the given name of “William.”
  • First and last name swap ability. This feature can swap first and last names if they are reversed based on a statistically assessment of likelihood. Example: “Smith, John” we will changed for “John, Smith.”
  • Name Culture of Origin Identification. The feature can determine statistical likelihood of a names culture of origin.

“We are excited to add this new name solution to complement our suite of growing services,” said Garder.

About Global-Z International

Global-Z International was founded in 1989 focused on improving customer data quality and intelligence in global markets. Today Global-Z serves some of the largest global enterprises with customized international data quality solutions for their marketing, customer relationship and master data management needs.

Global-Z International, Inc., is headquartered in Bennington, Vermont with offices and operations in the US, Canada and Japan.

For more information, please contact Paul Harris at:

+1.802.445.1011 Ext. 215

Phone +1.802.445.1016 Fax

pharris [at] globalz [dot] com

www.globalz.com

 

EU-US Privacy Shield(Note: This article is an update on our first article about Privacy Shield posted in the February  2016 edition of GZ News.)

~By Ted Haas, Global-Z Chief Marketing Officer (CMO)

On February 2nd, 2016 the US Department of Commerce and European Commission issued a press release that outlined some key changes to the EU-US Safe Harbor; now dubbed the “Privacy Shield.”   This agreement replaces Safe Harbor, which was declared invalid on October 6th, 2015.

Here are some of the key updates since this major decision has been announced.

 

EU-US_Safe_Habor_Dates

 

Overview: What is Privacy Shield?

  • It is a robust framework under which personal data of EU individuals will be protected when it is transferred to the US.
  • It replaces Safe Harbor –declared invalid by EU Court October 6th, 2015.
  • It is a voluntary self-certification to the US Dept. of Commerce.
  • Once a company publically commits to Privacy Shield, it is enforceable under US law.
  • It includes multiple avenues of redress to resolve complaints.
  • Privacy Shield companies must select an independent dispute resolution organization.
    • Panel created by the EU Data Protection Authorities (DPA’s).
    • Accredited organization in EU.
    • Accredited organization in US.
  • There are special provisions for HR personal information.
  • It is a ‘living commitment’ with annual review.
  • Privacy Shield will be effective with final approval of European Commission (est. June 2016).

 

7 Principles and 16 Supplemental Principles define the core provisions of the Privacy Shield framework.

Main Principles:

  1. Notice
  2. Choice
  3. Accountability for Onward Transfer
  4. Security
  5. Data Integrity and Purpose Limitations
  6. Access
  7. Recourse, Enforcement and Liability

 

16 Supplemental Principles:

  1. Sensitive Data
  2. Journalistic exceptions
  3. Secondary Liability
  4. Performing Due Diligence and Conducting Audits
  5. Role of the Data Protection Authorities
  6. Self – Certification
  7. Verification
  8. Access
  9. Human Resource Data
  10. Obligatory Contracts for Onward Transfers
  11. Dispute Resolution and Enforcement
  12. Choice-Timing of Opt Out
  13. Travel Information
  14. Pharmaceutical and Medical Products
  15. Public Record and Publicly Available Information
  16. Access Requests by Public Authorities

If you would like to discuss Privacy Shield in greater detail and/or the specific impact on your company feel free to contact us any time.

The US Department of Commerce has issued a “Fact Sheet” overview of the EU-US Privacy Shield Framework it can be found here.

Privacy Shield will be complex; we strongly recommend consulting legal counsel with international privacy law expertise.

LockThe US Department of Commerce and European Commission issued press releases this week (Tuesday, Feb 2, 2016) that outline some key changes to the EU-US Safe Harbor; now dubbed the “Privacy Shield.”   This agreement replaces Safe Harbor which was declared invalid October 6, 2015.

Privacy Shield Summary

While the new accord still needs to be reviewed by the Article 29 Working Party and the College of Commissioners, but assuming it remains substantially the same, we can expect the following:

  • More stringent obligations on companies handling Europeans’ personal data and more robust enforcement
  • EU individuals will have access to multiple avenues to resolve concerns, including through alternative dispute resolution at no cost to the individual.
  • The Privacy Shield includes new contractual privacy protections and oversight for data transferred by participating companies to third parties or processed by those companies’ agents to improve accountability and ensure a continuity of protection.
  • Clear safeguards and transparency obligations on U.S. government access.  The US has agreed to an annual joint review with the EU, including with respect to national security access to personal data.

The details currently available are included in press releases issued by the European Commission and the US Department of Commerce; a summary and related links to the releases are here:

Global-Z expects the Commission and FTC will make the entire agreement publicly available soon. After our review of the fully-published agreement, Global-Z will provide you with another update. Importantly, US companies will need to review the new Privacy Shield program carefully before deciding to commit to it.

We will continue to keep you posted. If you have any questions please feel free to contact us.

200261368-001With the addition of US data quality services to our industry leading international services Global-Z now offers one of the best ‘Global” solutions in the market.

For the last two decades Global-Z has been the market leader in data processing for international data quality. Our depth of application knowledge, advanced multi-byte writing system capabilities and flexible service delivery options gives us the cutting edge to serve our clients better than any other competitor. International contact data quality is at the core of what we do and it’s who we are.

For the last few years we have observed a market shift. The marketplace is becoming much more internationally integrated and our clients have a growing preference for one-stop solutions for global needs, including cross border recognition.   

In order to become the best, one-stop shop for global customer database cleansing, Global-Z has   added US data processing to our capabilities set. Now we have a complete range of services that will add value to our clients who prefer to work with a single vendor for a comprehensive global solution.

“Adding US data quality to our capabilities adds significant value for our clients who have   global needs,” said Dimitri Garder, Global-Z Executive Vice President. “Our primary strength has always been, and always will be, international data processing, however, now we are able to offer a more comprehensive solution worldwide.”
If you have any questions about our US processing capabilities please contact us. We’re happy to help.

 

Japan_FlagBENNINGTON, VT., December 17th, 2015 — Global-Z International recently announced its brand new name gender assignment capabilities for the country of Japan. The new gender assignment technology is a best-in-class solution that provides valuable information to businesses who manage Japanese customer data. Global-Z’s service will identify, with a high rate of accuracy, the gender of all records in Japanese datasets.

At the core of Global-Z’s Japan Gender assignment technology is a new name database that contains millions of gender-identified name records. This dataset, along with Global-Z’s proprietary matching technology, improves accuracy and match rates during a database cleanse and helps identify who is male and who is female.

“Nobody in the market has a better Japan gender service,” said Ed Barbeau, Global-Z’s VP of Operations. “This service gives our clients the valuable insight needed to better understand the gender demographics of their Japan data. That kind of knowledge is powerful for any global marketer or company who focuses on the importance of data quality.”

Barbeau stated that this new service is quick and easy for brand new clients to set up. If existing customers are interested, the launch will require minor to no changes in their application protocol interface (API).

Global-Z’s Japan Gender cleansing service processes data in both Kanji and Katakana language sets, a valuable feature that enables the solution to cover the entire Japanese population.

“This is a one-of-its-kind solution for the Japan market,” Barbeau added. “It’s the kind of innovation that our clients expect from the leader in the global contact data quality market.”

About Global-Z International

Global-Z International was founded in 1989 focused on improving customer data quality and intelligence in global markets. Today Global-Z serves some of the largest global enterprises with customized international data quality solutions for their marketing, customer relationship and master data management needs.

Global-Z International, Inc., is headquartered in Bennington, Vermont with offices and operations in the US, Canada and Japan.

For more information, please contact Paul Harris at:

+1.802.445.1011 Ext. 215

Phone +1.802.445.1016 Fax

pharris [at] globalz [dot] com

www.globalz.com

UPU_Logo

BENNINGTON, VT., October 22nd, 2015 — Global-Z International announced today its CEO and Co-Founder, Dimitri Garder, has accepted an invitation to be a guest speaker at a new Global Addressing Conference hosted by the Universal Postal Union (UPU) in Berne, Switzerland, on October, 26th – 27th during the UPU Council of Administration session.

The UPU organized this event with the goal of exploring how to extend access to global address infrastructure. The two-day event will discuss new ways for addresses to be developed and implemented faster and at lower cost, in particular through the use of new technologies.

The conference schedule:

  • Day 1: Will focus on illustrating the economic and social value of address infrastructure; as well as on reviewing innovative solutions and tools that facilitate address management and access to spatial information.
  • Day 2: Will be devoted to building capacities through a hands-on session, focused on real examples of up-to-date, user-friendly addressing system models

“I’m excited to be part of this important discussion,” said Dimitri Garder, Global-Z CEO.          “We are happy to share our 25+years’ experience helping companies improve global address databases and location technologies. Global address access and quality are becoming increasing more important for economic growth as the world markets become more interdependent.”

About Global-Z International

Global-Z International was founded in 1989 focused on improving customer data quality and intelligence in global markets.  Today Global-Z serves some of the largest global enterprises with customized international data quality solutions for their marketing, customer relationship and master data management needs.

Global-Z International, Inc., is headquartered in Bennington, Vermont with offices and operations in the US, Canada and Japan.

For more information, please contact Paul Harris at:

+1.802.445.1011 Ext. 215 Phone

+1.802.445.1016 Fax

pharris [at] globalz [dot] com

www.globalz.com

Canada~by Paul Harris, Sales & Marketing

It’s no surprise that data privacy has become a big concern for many global companies. That’s why Global-Z goes above and beyond to assure your data remains secure and private, while allowing our services to add significant value to your global data.

Canada Post, our partner for providing Canadian National Change of Address (NCOA) services, recently announced some changes to their rules for NCOA processing. These policy changes would have had restricted us from returning some of the valuable fields we normally give to our customers after NCOA processing, specifically the Change of Address Notification (COAN) type and the Record Type fields. When we heard of the new policy change, we began to collaborate with Canada Post in order to reach a solution that will allows us to provide our customers with these valuable fields while keeping the data safe.

“Our relationship with Canada Post is strong,” said Dimitri Garder, Executive VP of Global-Z. “We have successfully worked with Canada Post to create a better solution that fits their need, and fits the best interest of our customers.”

“It’s predictable that many data vendors will change policies in the future,“ stated Doug Robinson, Global-Z’s Chief Technology Officer.  “Our job is to look out for everyone’s best interest as best we can.”

Want more information about Canadian NCOA services? Please contact us.