Message-ID: <29153828.1075863720409.JavaMail.evans@thyme>
Date: Thu, 11 May 2000 01:39:00 -0700 (PDT)
From: michelle.cash@enron.com
To: jane.allen@enron.com
Subject: Re: EU-US "Safe Harbor" agreement
Cc: stephen.burns@enron.com, joe.hillings@enron.com, tom.briggs@enron.com, 
	sherry.lessner@enron.com, sharon.butcher@enron.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Bcc: stephen.burns@enron.com, joe.hillings@enron.com, tom.briggs@enron.com, 
	sherry.lessner@enron.com, sharon.butcher@enron.com
X-From: Michelle Cash
X-To: Jane Allen
X-cc: Stephen D Burns, Joe Hillings, Chris Jones@ENRON, Tom Briggs, Sherry Lessner, Sharon Butcher
X-bcc: 
X-Folder: \Michelle_Cash_Dec2000\Notes Folders\All documents
X-Origin: Cash-M
X-FileName: mcash.nsf

We are in the process of promulgating a data protection policy.  It should be 
out  in the next few weeks.  It addresses all of those privacy, etc. issues.  
Let me know if you would like a copy of the draft policy.  MIchelle


   
	Enron North America Corp.
	
	From:  Jane Allen                           05/11/2000 07:49 AM
	

To: Stephen D Burns/Corp/Enron@ENRON
cc: Joe Hillings/Corp/Enron@ENRON, Chris Jones@ENRON, Tom Briggs/LON/ECT@ECT, 
Sherry Lessner/Corp/Enron@ENRON, Michelle Cash/HOU/ECT@ECT, Sharon 
Butcher/Corp/Enron@ENRON 
Subject: Re: EU-US "Safe Harbor" agreement  

This has been looked at by our HR IT department for many years as we have 
been transmitting data back and forth in our Compensation and HR systems.  I 
am copying Sherry Lessner who at one time lead the group dealing with this 
issue, as well as Sharon Butcher and Michelle Cash from our legal department.

Ladies, can you provide any additional information on what we are doing?  Do 
we need additional research in this area?

Thanks,

Jane





Stephen D Burns@ENRON
05/10/2000 07:29 PM
To: Jane Allen/HOU/ECT@ECT
cc: Joe Hillings/Corp/Enron@ENRON, Chris Jones, Tom Briggs/LON/ECT@ECT 
Subject: EU-US "Safe Harbor" agreement

Jane:

I participated in a lunch yesterday on Capitol Hill which discussed the 
recently concluded bilateral negotiations between Europe and the US on the 
issue of data privacy/safe harbor.  I admit that I don't fully understand the 
issue, but in essence I'm told it's an internal EU directive passed a few 
years ago (not all countries within the EU have come into compliance yet, by 
the way) that has strict bearing on issues pertaining to the protection of 
the privacy of transmitted data (eg, over the internet).   The EU wants to 
forbid transmitting certain types of data to countries that don't "adequately 
protect" the information.  As always, the EU wants to regulate the issue, 
while the US prefers self-regulation.  After two years of negotations, they 
agreed a few weeks ago that data transmitted from the EU to the US could be 
put in "safe harbors", which are basically approved bodies that would check 
the recipient's ability to protect the privacy of the information, ie, an 
American company receiving privelaged data from its European affiliates or 
offices.  

How does this affect Enron?  A couple of other company reps said it is 
especially pertinent to HR issues, such as transmitting personnel 
information, salary, etc. from Europe back to the home office in the US.

Given our large presence in London and elsewhere in Europe, does this affect 
us, and do you want us to track down more information?

Regards,
Steve Burns





