| Privacy
Principles |
|
Sample
Guidelines for Developing Online Privacy Policies
|
| Adoption
and Implementation
— Organizations involved in online activities and e-commerce
have a responsibility to adopt and implement policies that will
protect the privacy of individual information. |
| Notice
and Disclosure
— An organization's privacy policy must be easy to find, read
and understand. It must be made available in a timely fashion, either
before or during sessions in which individual information is requested
and/or collected. |
| Choice
and Consent
— Individuals must be given a choice as to whether personal
information can be shared with third parties for uses unrelated
to the context in which it was collected. At a minimum, people should
be able to "opt out." |
| Data
Security
— When individual information is created, stored, used or disseminated,
care should be taken to assure its reliability and protect it from
loss, misuse or alteration. Third parties should share this responsibility. |
| Data
Quality and Access
— Reasonable steps should be taken to assure that personal
data is accurate, complete, timely and accessible by the individual.
Simple and easy-to-use routines to correct inaccuracies, should
be provided. |
|
Source:
Adopted from suggested online privacy guidelines published by
the Online Privacy Alliance.
|