Enron Mail

From:michelle.cash@enron.com
To:jane.allen@enron.com
Subject:Re: EU-US "Safe Harbor" agreement
Cc:stephen.burns@enron.com, joe.hillings@enron.com, tom.briggs@enron.com,sherry.lessner@enron.com, sharon.butcher@enron.com
Bcc:stephen.burns@enron.com, joe.hillings@enron.com, tom.briggs@enron.com,sherry.lessner@enron.com, sharon.butcher@enron.com
Date:Thu, 11 May 2000 01:39:00 -0700 (PDT)

We are in the process of promulgating a data protection policy. It should be
out in the next few weeks. It addresses all of those privacy, etc. issues.
Let me know if you would like a copy of the draft policy. MIchelle



Enron North America Corp.

From: Jane Allen 05/11/2000 07:49 AM


To: Stephen D Burns/Corp/Enron@ENRON
cc: Joe Hillings/Corp/Enron@ENRON, Chris Jones@ENRON, Tom Briggs/LON/ECT@ECT,
Sherry Lessner/Corp/Enron@ENRON, Michelle Cash/HOU/ECT@ECT, Sharon
Butcher/Corp/Enron@ENRON
Subject: Re: EU-US "Safe Harbor" agreement

This has been looked at by our HR IT department for many years as we have
been transmitting data back and forth in our Compensation and HR systems. I
am copying Sherry Lessner who at one time lead the group dealing with this
issue, as well as Sharon Butcher and Michelle Cash from our legal department.

Ladies, can you provide any additional information on what we are doing? Do
we need additional research in this area?

Thanks,

Jane





Stephen D Burns@ENRON
05/10/2000 07:29 PM
To: Jane Allen/HOU/ECT@ECT
cc: Joe Hillings/Corp/Enron@ENRON, Chris Jones, Tom Briggs/LON/ECT@ECT
Subject: EU-US "Safe Harbor" agreement

Jane:

I participated in a lunch yesterday on Capitol Hill which discussed the
recently concluded bilateral negotiations between Europe and the US on the
issue of data privacy/safe harbor. I admit that I don't fully understand the
issue, but in essence I'm told it's an internal EU directive passed a few
years ago (not all countries within the EU have come into compliance yet, by
the way) that has strict bearing on issues pertaining to the protection of
the privacy of transmitted data (eg, over the internet). The EU wants to
forbid transmitting certain types of data to countries that don't "adequately
protect" the information. As always, the EU wants to regulate the issue,
while the US prefers self-regulation. After two years of negotations, they
agreed a few weeks ago that data transmitted from the EU to the US could be
put in "safe harbors", which are basically approved bodies that would check
the recipient's ability to protect the privacy of the information, ie, an
American company receiving privelaged data from its European affiliates or
offices.

How does this affect Enron? A couple of other company reps said it is
especially pertinent to HR issues, such as transmitting personnel
information, salary, etc. from Europe back to the home office in the US.

Given our large presence in London and elsewhere in Europe, does this affect
us, and do you want us to track down more information?

Regards,
Steve Burns