Privacy: Performance 2007/08
We said:
We would launch an online privacy awareness programme in all our local operating companies to describe Vodafone’s privacy policy and what it means for employees.
We have:
Continued to participate in the multi-stakeholder dialogue on the creation of ICT industry principles on freedom of expression and privacy
Vodafone has continued to participate in this process through an in-depth dialogue with a variety of stakeholders, conducted through a series of meetings in 2007 and 2008. This included a series of events where participants shared knowledge and experiences on the challenges faced by ICT companies on human rights issues regarding freedom of expression and privacy.
Carried out a group-wide audit of privacy policy implementation
This was co-ordinated by the Vodafone Group Audit department. Audit teams in each local operating company worked with local privacy officers. We will report the findings in 2008/09.
Created a privacy site within our global intranet
Employees across the Group can access the new intranet privacy site that includes our privacy policies, guidelines, in depth briefing papers and bulletins. The site also provides contact details for our Group and local privacy officers.
Introduced a privacy bulletin for employees
The bulletin – launched in August 2007 – is designed to raise awareness among our employees about topical privacy issues and how they are relevant to Vodafone. The first bulletin focused on the implications of data retention for our customers’ privacy and the second focused on the implications of data security breaches, in light of increased media attention on the subject. The bulletin goes out to our executive management team, including the Content and Privacy Steering Committee, to local privacy officers, lawyers, government relations and public policy staff, security officers, engineers and other staff with a need to understand privacy issues and Vodafone’s position on them.
Drafted a global employee privacy policy
We need to ensure that the way we manage employee privacy across the Group meets local legal requirements and provides a high and consistent level of protection for our employees. We have developed a Group-wide employee privacy policy through consultation with our local HR, legal and privacy teams and are currently finalising this with senior management in readiness for executive approval. The policy will be finalised and launched in 2008/09.
Published a CR Dialogue paper on privacy and mobiles
The paper includes views from four experts on privacy and mobiles. It is part of our series of Vodafone CR Dialogues, designed to inform and stimulate discussion on specific issues.
Engaged with the European Commission on data security notification
We engaged with the European Commission on proposed amendments to the Directive on Privacy and Electronic Communications that will require operators to notify users when there has been a security breach of their personal data. Vodafone supports the Commission’s efforts to strengthen security, and has commented on the proposals. See public policy.
Developed an online privacy awareness programme
The programme is based on our Group-wide privacy policy and will be rolled out to all our operating companies. It includes one hour of e-learning on what our privacy policy means in practice. The programme has been launched in the UK and we are working to resolve technical problems that have delayed our ability to introduce the programme in other markets.
We will:
- Launch a Global Employee Privacy Policy
- Carry out a benchmarking study of companies in other markets to help develop our approach to targeted advertising and the protection of privacy
- Develop our policy on assisting law enforcement
- Launch a privacy information centre on our vodafone.com website
