Policy With
Respect To Privacy
The
policy of the Association is governed by:
-
The principles established by the World Wide Web
Consortium in its Platform For Privacy Preferences Program (P3P) Guiding
Principles, as set forth in NOTE-P3P10-principles-19980721, as stated at <http://www.w3.org/TR/1998/NOTE-P3P10-principles>.
That document is attached to this policy statement.
Members
shall base their professional principles on the fundamental value and dignity
of the individual, holding that the free exercise of human rights, including
freedom of speech, freedom of assembly and the protection of personal privacy,
is essential to the communication process.
The
policy of the Association is:
- USIIA seeks to
promote privacy and trust on the Web by enabling service providers to
disclose their information practices, and enabling individuals to make
informed decisions about the collection and use of their personal
information. Trust is built
upon the mutual understanding that each party will respect the agreement
reached. Service providers
should preserve trust and protect privacy by applying relevant laws and
principles of data protection and privacy to their information practices.
-
Service providers should provide timely
and effective notices of their information practices, allowing consumers to
access these notices and make decisions based on them. Service providers should communicate explicitly about data
collection and use, including information collected through web
interactions, identifying the purpose for which personal information is
collected and the extent to which it may be shared.
Consumers should be given the ability
to make meaningful choices about the collection, use, and disclosure of
personal information. Consumers should retain control over their personal
information and decide the conditions, if any, under which they will share
it.
-
Service providers should limit their
requests to information necessary for fulfilling the level of service
desired by the consumer. This will reduce consumer frustration, increase
trust, and enable relationships with many consumers, including those who may
wish to have an anonymous, pseudonymous, customized, or personalized
relationship with the service.
-
Service providers should obtain informed
consent prior to the collection and use of personal information, and provide
the ability to review and if appropriate correct personal information.
-
Service Providers should transfer personal
information only to sites with which the consumer has reached an agreement
authorizing such transfers or when authorized by the consumer.
-
Service providers should accurately represent
their information practices in a clear and unambiguous manner -- never with
the intention of misleading consumers.
They should use information only for the stated purpose and retain it
only as long as necessary and ensure that information is accurate, complete,
and up-to-date.
-
Service providers should disclose methods of
accountability for the data collected and means for recourse in event of an
error.
-
Consumers’ personal information
should always be protected with reasonable security safeguards in keeping
with the sensitivity of the information, and use appropriate trusted
protocols for the secure transmission of data.
Approved
3/3/00
|