A Practical Guide to Addressing Information Privacy and Security Issues in International Business
With the globalization of the economy, businesses are reaching greater, broader, and more diverse markets in foreign countries in order to increase their revenues. Their websites reach clients and prospects throughout the world anytime, any day, anywhere. To achieve a global presence, companies hire foreign contractors to develop or manufacture products, provide support services, and much more. The foreign subsidiaries routinely send employee information to the company’s headoffice where a central database maintains salary and other employee information for all personnel worldwide. Millions of personal data are collected, used, processed or moved accross borders.
An increasing number of foreign laws are attempting to protect personal data, and preserve and strengthen human rights and fundamental freedoms. These laws are relevant to global companies. Negotiating a deal, corresponding with clients, exchanging contact information for the delivery of a shipment usually entails thecollection, transfer, use, or storage of personal information.
Companies must remember and take into account the different cultures, history, political regime, and different laws when exchanging the personal information of their employees, clients, or contacts with entities located in foreign countries. We also cannot expect a service provider in the Philippines, or a distributor in Italy or Argentina to act in the way we act, to have priorities that are similar to ours. We cannot expect them to treat – or be required to treat - personal information in the same way as we do.
The great discrepancies between the treatments of personal or private information throughout the world make global companies vulnerable to violating foreign data protection laws for lack of awareness of their duties and obligations. The Global Privacy and Security Law book attempts to clarify and explain some of the privacy and security requirements by taking the reader to a journey around the world. It offers a survey of the legal environment related to privacy and security. Its goal is to increase the reader’s awareness of the substantial discrepancies and differences between the legal regimes throughout the world. It hopes to help privacy professionals understand some of the multiple facets of the protection of personal data in corporate and commercial transactions.
"Francoise Gilbert has done a great service to the field of privacy by comprehensively gathering, organizing, and interpreting the many privacy laws around the world. Global Privacy and Security Law will serve as an invaluable resource for anyone struggling with the complexities of this field."
"Global Privacy and Security Law merits a wide berth on the shelf of any informational assets' based library. These volumes contain a breadth of information across the many relevant geographies where data is regulated as well as the varied nuances in the various protection schema. Any data protection professional seeking to find solutions in an evolving practice can use this tool as a handy compass to navigate the journey to information protection."
"This is an incredibly comprehensive and effective treatment of one of the emerging and complex fields of law that affects all areas of commerce and government. It is an invaluable contribution and resource for anyone affected by the continuingly expansive regulation of privacy and personal data security worldwide."
"This two volume set is well written, incisive, and well documented. It is a must have for any serious privacy practitioner. "
About the Author
J.D., Loyola U. of Chicago (USA)
Maitrise en Droit, Paris (France) - law degree-
M.Sc. and CAPES Mathématiques, Paris (France)
Admitted to practice law in California, Illinois, and France
Françoise Gilbert concentrates in US and global data privacy and security issues, cloud computing, and information law. Covering the entire privacy and security spectrum, her clients include public or multinational entities, cloud service providers, B2C businesses, B2B businesses, analytics companies, publishers, Internet stores, insurance companies, manufacturers, service providers, trade associations, software developers, and others. She counsels clients on complex issues related to evaluating and strategically managing privacy, security, cloud computing and e-business risks. She assists clients in driving a culture of privacy across their organization, developing and implementing information privacy and security strategies and compliance programs, and integrating privacy and security in commercial or corporate transactions.
An internationally recognized thought leader and expert in privacy and data protection law, Francoise has been named Best Lawyers’ “2014 San Francisco Lawyer of the Year for Information Technology Law.” For several years, the prestigious Chambers USA and Chambers Global, The Best Lawyers in America, and the Who’s Who in E-Commerce have recognized her as one of the leading lawyers in the field of information privacy and security. She was listed as one of the top privacy advisers in the recent Computerworld “Best Privacy Advisers” list, and for several consecutive years as been selected by Ethisphere for its list of the “Attorneys Who Matter.”
With over 30 years of experience as a practicing attorney addressing cutting edge domestic and international computer, Internet and data protection issues, Françoise brings a unique combination of sharp legal skills, deep regulatory knowledge, practical business acumen and extensive experience of the information technology markets.
She is highly experienced in addressing a wide range of US and foreign privacy and security issues, such as counseling on HIPAA/HITECH Act, GLBA, COPPA, FCRA/FACTA, or CAN SPAM compliance, online and offline data law, behavioral advertising, tracking, content personalization, retargeting, use of data for modeling, analytics and diagnostics, security incident response planning and disclosures, implementation of FTC and State Attorney General guidance. She develops comprehensive privacy compliance programs, consumer privacy policies and best practices, and training programs regarding the appropriate collection, use and disclosure of personal data. She conducts all phases of privacy assessments and information security policy audits, and assists clients in responding to investigations by state and federal regulators.
For multination companies, she leads the design and implementation of global privacy programs, advises on compliance with foreign data protection laws (Western Europe, North America, or Asia Pacific) and cross border data flow issues, negotiates and implements data transfer agreements and data transfer structures, conducts Safe Harbor audits, develops and maintains documentation and procedures to support continuing compliance with EU-US Safe Harbor principles, assists in Safe Harbor self-certification and re-certification.
In addition, she assists clients’ corporate or commercial teams in incorporating data protection in their operations and transactions. She regularly works on data protection issues in major corporate and commercial transactions such as mergers & acquisitions, cloud computing, outsourcing, and offshoring. She structures and negotiates a wide variety of contracts concerning data uses, privacy and security, cloud computing, or transactions associated with databases, data processing or data management, including strategic alliances and joint ventures, and other complex contracts.
SPEAKING AND TEACHING
A prolific speaker, Françoise Gilbert has been featured on numerous panels throughout the United States and internationally on privacy, security, cloud computing, risk management, outsourcing, information technology, and e-business law by industry groups, bar associations and trade associations. She has taught technology and data protection law in the Graduate School of Health Information Science at the University of Illinois, Chicago Campus from 1992 to 2012, and is a frequent guest speaker at the John Marshall Law School in Chicago (Illinois) and at the Silicon Valley Center for Entrepreneurship at San Jose State University (California).
Françoise is often asked to comment on privacy, security or cloud computing issues in national and international press, including the New York Times (USA), le Matin Dimanche (Switzerland), RTTV (Russia), ComputerWorld (USA), MarketPlace (USA), PC World (USA), SafeGov.org (USA), or TechTarget (USA).
Françoise is the author and editor of Global Privacy and Security Law published by Aspen / Wolters Kluwer, a two-volume, 3,000 page, law treatise, which provides a detailed analysis of the major drivers that dictate or influence data protection laws worldwide, and contains a thorough analysis of the privacy and data protection laws of 66 countries on all continents. The treatise, initially published in 2009, is updated three times a year.
She is also a co-author of: Privacy Compliance and Litigation in California (2009-2014 - CEB); HIPAA Security Standards (2007 – ABA Publications); Business Process Outsourcing Transactions (2007- Wiley); Technology Outsourcing Transactions (2005 - Wiley); International Guide to Cyber Security (2004 - ABA Publications); International Guide to Privacy (2003 - ABA Publications); International Guide to Combating Cybercrime (2002 - ABA Publications); Comprehensive Guide to Electronic Health Records (2000 - Faulkner & Gray); Comprehensive Guide to Electronic Health Records (1999 - Faulkner & Gray).
In addition, Ms. Gilbert has published hundreds of articles in peer-reviewed publications, professional journals and magazines on privacy, security, cloud computing, computer crime, outsourcing, workplace privacy, information law, data governance, Internet law, ecommerce, children protection, and comparative law. She is a contributing expert to TechTarget’s SearchCloudSecurity.com, focusing on information privacy and security, cloud computing and data governance.
Françoise is a member of the Editorial Board of The Practical Lawyer, a publication of the American Law Institute – Continuing Legal Education Group and she serves on the Technology Board of Advisors of ALI CLE. She has served on the Board of Directors of the International Technology Law Association, the American Telemedicine Association, the California E-Heath and Telemedicine Association, and other non-profit entities, and on the Board of Advisors of several Silicon Valley emerging technology start-ups. She is a past member of the National Conference of Lawyers and Scientists and of the Executive Committee of the Business Law Section of the California Bar.
Ms. Gilbert is a founding member of the Cloud Security Alliance, its General Counsel, and the chair of its Legal Committee. She has co-chaired the PLI Privacy & Security Law Institute since 2000 and has held numerous leadership positions at the American Bar Association, the California State Bar, the Chicago Bar Association and the International Association of Privacy Professionals including, most recently, the American Bar Association Science & Technology Section ePrivacy Committee and the IAPP KnowledgeNet San Francisco.
EDUCATION, BAR ADMISSIONS AND CERTIFICATIONS
Trained in the civil law and the common law systems, Françoise Gilbert is admitted to practice in California and Illinois as well as in France. Before acquiring her JD in Chicago (Illinois), she obtained a French law degree in Paris (France). Early training includes undergraduate and graduate degrees in mathematics, engineering and education from the Universities of Paris and Montpellier (France). Françoise Gilbert is accredited as Certified Information Privacy Professional (CIPP) by the International Association of Privacy Professionals.
Françoise Gilbert is bilingual in French and English. She has a working knowledge of Spanish, Italian and German.
IT LAW GROUP
Françoise Gilbert is the founder and Managing Director of the IT Law Group.