TRUSTe presented a webinar on Managing Customer Data From The EU: Are You Compliant? The panelists were:
Maureen Cooney, CPO and VP of Public Policy, TRUSTe
Damon Greer, Director, US-EU Safe Harbor Framework, US Department of Commerce, International Trade Administration
Heather Shaw, Vice President, ICT Policy, US Council for International Business
Dean Forbes, CIPP, Sr. Director, Global Privacy Office, Global Compliance & Business Practices, Schering Plough
In the EU, the consumer owns the data about them. In the US the collector owns the data.
There is a safe harbor available, but you must be under the jurisdiction of the FTC and the DOT. Financial services sector, insurance, telecommunications and non-profits are not eligibile.