Decoding lessons from the Facebook Consent Decree: Does Sarbanes–Oxley foreshadow the future of privacy regulation?
International Journal of Disclosure and Governance (IF 2.9), Pub Date: 2021-05-06, DOI: 10.1057/s41310-021-00124-2
Patrick M. Ryle, Brett L. Bueltel, Mark A. McKnight, Judy K. Beckman

This paper examines the utility of the Sarbanes–Oxley Act of 2002 to assist regulators engaged in privacy policy development. By exploring best practices employed by the financial reporting industry, and the specific terms of the Sarbanes–Oxley Act of 2002, the present research offers guidance for their incorporation into privacy regulation. The paper advocates that both the FTC/Facebook Court Order and the Sarbanes–Oxley Act of 2002 should now be considered de facto minimum standards for American privacy policy, including required CEO certifications of industry obligations, establishment and maintenance of effective internal controls, required CEO, CFO and CPO certification of control compliance, disgorgement of ill-gotten gains by organizations and executives, requirement of independent third-party compliance review as well as independence of audit committees and privacy compliance staff and, finally, the establishment of, and compliance with, a regulatory oversight board similar to the PCAOB.




Updated: 2021-05-06