Today, the European Court of Justice has struck down a treaty, called Safe Harbor, that governed the transfer of electronic data between Europe and the United States. How does this affect ORCID?
At ORCID, we have a fundamental commitment to our user’s privacy. Researchers expressly opt in to ORCID’s privacy practices when they create an ORCID record. Our system does not collect or store personally sensitive information. Starting with a strong privacy policy that describes your rights, our practices ensure you have control over what data are connected to your ORCID record and who has access to your data. At the end of the day, ORCID is about openness, access, discoverability, and transparency. We provide a public registry for use by the community, free of charge.
As a non-profit organization, ORCID was not eligible to formally participate in the Safe Harbor program. Instead of relying on self-certification under that program, we have gone through additional scrutiny by our European colleagues to ensure that our privacy policies are in line with European privacy requirements. In addition, we undergo an annual review and certification of our privacy policy and practices by an independent third party.
We will continue to engage with the international community to assess our privacy policy and practices and remain open to discussing, evaluating, and – as needed – amending, any of our policies and practices, in a transparent manner to ensure that we get it right as the situation evolves in Europe and elsewhere.