EURIM Information and ID Governance
Explanatory Page
The areas of apparent conflict that need to be looked at include:
International
Differences between current regulatory frameworks and supervisory practices in the EU and US
hamper trans-Atlantic financial transactions and progress towards financial
markets integration. US legislation (e.g. HIPAA, GLBA, SB 1386, OPPA, the Fair
Credit Reporting Act), Canada's PIPEDA, the EU's Data Protection Directive (with
differences of implementation in each of the EU states) - and the EU ‘Safe
Harbour’ regulations which enable US companies to avoid prosecution under EU
regulations - as well as UK legislation such as the Human Rights Act, the
Regulation of Investigatory Powers Act and various telecommunications, distance
selling and anti-spam measures, combine to make compliance a significant
challenge for all organisations. This includes conflicting requirements on
organisations to keep information confidential, to delete it when no longer
required for the original purpose, and to retain it in case a regulatory or law
enforcement agency might want it.
List to be compiled as part of the policy study.
European
The differing approaches to data protection, retention, access, sharing and identities within
a wide variety of directives and initiatives concerned with consumer protection,
e-commerce, procurement, public services and law enforcement as well as the main
Data Protection Directive and proposals on Data Breach notification.
List to be compiled as part of the policy study.
UK
See previous work programme.
Updated summary list to be compiled as part of study.