The EU’s proposed EU Data Protection Framework encourages the use of privacy seals, certification mechanisms and trust marks. Any organisation which has obtained a privacy seal would be considered to have attained a ‘stamp of approval’, indicating good privacy standards.

Anticipating the development of data protection kite marks, the UK Information Commissioner’s Office has launched a questionnaire to help establish the best method of implementation of such a scheme, and how privacy seals may be used to improve data protection compliance and customer consumer awareness of data protection.

The questionnaire will gather the views of organisations on their general interest in the use of privacy seals, practical experiences they have with such schemes, and the potential commercial benefits, as well as any potential reservations they may have.

As with any type of kite mark, the use of privacy seals must be founded on a system that can be trusted and perceived as legitimate. In looking at some of the similar uses of such marks, their use should not be seen as nothing more than a formulaic paper exercise that is not always supported. Ideally, any kite marks developed and approved would also be attainable and recognised across the EU; otherwise they would be contrary to one of the main principles behind the draft EU Data Protection Regulation of increasing harmonisation.