APEC vs APT?: The struggle for regional privacy standards Graham Greenleaf ‘Terrorists & Watchdogs’ Conference, 8 September 2003.

Slides:



Advertisements
Similar presentations
PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR
Advertisements

Implications for the Regions EU-Regional Policy 1 Governance White Paper Introduction Adoption of White Paper on European Governance, July 25, 2001 Aim:
EPAA Conference 5 November 2007 Georgette LALIS Enterprise and Industry DG European Commission The international dimension of regulatory acceptance.
Data Protection & Human Rights. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
Privacy Issues Forum, 30 March 2006, Museum of New Zealand Asia-Pacific developments in information privacy law and its interpretation Graham Greenleaf.
© 2005 Morrison & Foerster LLP All Rights Reserved Data Security and Incident Notification: The Impact of Foreign Law Presented April 26, 2006 to EDUCAUSE.
Implementing Convention on the Rights of Persons with Disabilities- first five years: From the perspective of a CRPD Committee expert Damjan Tatic, Ph.
Five years of the APEC Privacy Framework - Failure or Promise? Graham Greenleaf Faculty of Law, University of New South Wales ASLI Conference, NUS, Singapore,
CSE2500 Systems Security and Privacy Week 11 Privacy Law in Australia (after 2000)
Declaration on the Rights of Indigenous peoples (UNDRIP)
6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.
The Treaties, Institutions and Policies of the EU
Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
EU: Bilateral Agreements of Member States
EU: Bilateral Agreements of Member States. Formerly concluded international agreements of Member States with third countries Article 351 TFEU The rights.
3rd session: Corporate Governance
Transborder dataflows Flow of information across national borders Much of this data involves personal information.
Personal Data Privacy and The Internet by Stephen Lau Privacy Commissioner for Personal Data, Hong Kong SAR at the Joint Conference of the OECD, HCOPIL,
Data Protection: International. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.
From European to international standards on data protection (1/2)
Class 13 Internet Privacy Law European Privacy.
Personal Data (Privacy) Ordinance Hong Kong Personal Data (Privacy) Ordinance Hong Kong by Stephen Lau Privacy Commissioner for Personal Data Hong Kong.
Data Protection & Human Rights. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.
Protecting information rights –­ advancing information policy Privacy law reform for APP entities (organisations)
Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.
Spring Semester 2009 IT Policy and Technology: Japan and Global IT Environment 世界のなかの日本としての IT 政策と技術 Jun Murai Masaaki Sato Jun Takei May 21, Privacy.
APEC vs APT?: The struggle for regional privacy standards Graham Greenleaf ‘Terrorists & Watchdogs’ Conference, 8 September 2003 See
1 Click to Check Public FTAA.ecom/inf/122 February 13, 2002 Original: English.
Conference for LGBT families in Europe Overview of the work of the Council of Europe in the field of family law Sabrina Cajoly - Council of Europe Directorate.
European Standards on Confidentiality and Privacy in Healthcare Dr Colin M Harper Division of Psychiatry & Neuroscience Queen’s University.
Data Protection Privacy in the Digital Age: the UN General Assembly Resolution Sophie Kwasny, 16 October th International Conference, Mauritius.
1 Sydney, 2 Oct 2008 Cross-border data flows: Who benefits from abandoning borders? Ø + Graham Greenleaf & Nigel Waters.
The European influence on privacy law and practice Nigel Waters, Pacific Privacy Consulting International Dimension of E-commerce and Cyberspace Regulation.
The Eighth Asian Bioethics Conference Biotechnology, Culture, and Human Values in Asia and Beyond Confidentiality and Genetic data: Ethical and Legal Rights.
A Perspective: Data Flow Governance in Asia Pacific & APEC Framework Martin Abrams October 21, 2008.
The Road Transport harmonisation Project Group (RTHP) 21 st APEC TRANSPORTATION WORKING GROUP MEETING RTHP Phase 5 Stage 3 Workshop 24, September,2002.
Doing ethical disability research: minimising harm for participant and researcher Australasian Association of Bioethics and Health Law Conference 14 July.
Communicating interpretations: Building confidence in principles Graham GreenleafGraham Greenleaf, UNSW Interpreting Privacy Principles: Chaos or Consistency?
Promoting Credit Reporting Standards in APEC by Dong Hongxing, Experian Presentation for Meeting of the Advisory Group on APEC Financial System Capacity-Building.
Privacy in Romania Today’s Challenges Bogdan Manolea A.B.U.S.E.
Asia-Pacific privacy Commissioners - Black holes & Collective inaction Graham Greenleaf Professor of Law, University of New South Wales 11 September 2003.
Privacy: An International Perspective Marty Abrams August 18, 2008.
Data protection and compliance in context 19 November 2007 Stewart Room Partner.
1 IAPP TRUSTe Symposium: Privacy Futures ASIAN PRIVACY AT THE CROSSROADS IAPP TRUSTe Symposium: Privacy Futures (Session 3.06 “International Privacy: A.
Basic economic freedoms. 1. Free movement of goods The Community shall be based upon a customs union which shall cover all trade in goods and which shall.
Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.
Council of Europe Child Participation Assessment Tool Agnes von Maravic Children’s Rights Division Council of Europe Based on slides prepared by Gerison.
© International Training Centre of the ILO International Labour Standards and the ILO Supervisory System: tools to defend workers’ rights Geneva,
Law LA1: European Union Institutions European Union Institutions AS Level Law: Unit 1.
František Nonnemann Skopje, 9th October 2012 JHA DP aspects related to provision of information about public figures in CZ.
Global Standards Linked to Global Value Jörg Polakiewicz Head of Human Rights Policy and Development Department Directorate General Human Rights and Rule.
Data Protection Laws in the European Union John Armstrong CMS Cameron McKenna.
Privacy in the Digital Age: the UN General Assembly Resolution
Convention 108 and the EU framework: Differing while Converging
Europe’s ‘Highly Competitive Social Market’ Economy
European Union Institutions Law Making
THE NEW GENERAL DATA PROTECTION REGULATION: A EUROPEAN OR A GLOBAL STANDARD? Bart van der Sloot Senior Researcher Tilburg Institute for Law, Technology,
Data Protection: EU & International
Convention108 in a snapshot
APP entities (organisations)
Data Protection & Human Rights
Protection of Personal Information Bill: An International Perspective
Alternative reporting to the Committee on the Rights of Persons with Disabilities Module 7.2.
Council of Europe Child Participation Assessment Tool
Information technologies/NBIC and Big data
The Modernisation of Convention108
Professor at Kyung Hee Univ.
Graham Greenleaf Faculty of Law, University of New South Wales
EU Data Protection Legislation
Presentation transcript:

APEC vs APT?: The struggle for regional privacy standards Graham Greenleaf ‘Terrorists & Watchdogs’ Conference, 8 September 2003

Regional privacy standards There is no global standard One region (Europe) has successfully developed regional standards Council of Europe Convention 1981 European privacy Directive 1995 The Asia-Pacific is the next most advanced region in privacy protection Far less political and economic unity or uniformity Starting the most important international privacy developments since the EU Directive ….

Toward an Asia-Pacific standard APEC’s privacy initiative Chaired by Australia Asia-Pacific Telecommunity (APT) Chaired by Korea Asia-Pacific Privacy Charter Council A ‘civil society’ expert group FTAA will also affect some countries (Free Trade Area of the Americas)

APEC’s privacy Principles Australia chairs a working group of 10 countries since Feb 03 Starting point: OECD Guidelines (1981) What’s the purpose?: A minimum standard where compliance will (somehow) justify regional free flow of person information A standard which will encourage (minimum) protection in countries where there is none

APEC’s privacy Principles - Progress or stagnation? 5 draft versions in 6 months Do not yet reach OECD standards Only considering very minor improvements to OECD V2 strengthened V1, but V3 and V4 far weaker for little apparent reason Serious US input coincides with V3 At best it offers ‘OECD Lite’ ….

APEC’s ‘OECD Lite’ Examples of weak and outdated standards Based on Chair’s V4 (Aug 03) - now behind closed doors No objective limits on information collection (P1) No requirement of notice to the data subject at time of collection (P3) Secondary uses allowed if ‘not incompatible’ (P3) OECD Parts 1, 3, 4 and 5 all missing as yet Farcical national self-assessment proposed (V1) Why start from a 20 year old standard? Most regional countries are not members Recognised as inadequate (eg Kirby J 1999)

The alternative: A real Asia-Pacific standard Actual standards of regional privacy laws Eg Korea, Canada, Hong Kong, New Zealand, Taiwan, Australia, Japan, Argentina Principles stronger than OECD are common Expert input is needed to identity this standard, not filtered through governments Privacy Commissioner need a collective role No equivalent yet to A29 Committee Santiago (Feb 04) only offers input on implementation Asia-Pacific NGO experts are developing the APPCC We need to adopt and learn from 25 years regional experience, not ignore it

Examples of high regional standards Collection objectively limited to where necessary for functions or activities (HK, Aus, NZ - Can stricter) Notice upon collection (Aus, NZ, HK, Kor) Secondary use only for a directly related purpose (HK, NZ, Aus - Kor stricter) Right to have recipients of corrected information informed (NSW, NZ) Deletion after use (HK, NZ, NSW, Kor)

APT privacy Guidelines (draft) Asia-Pacific Telecommunity (APT) 32 states via Telecomms ministries (etc) Guidelines on the Protection of Personal Information and Privacy (draft), July 2003 Drafting by KISA (Korea), with Asian Privacy Forum Attempts to take a distinctive regional approach Explicitly not based solely on OECD or EU (cl8) Says OECD Guidelines ‘reflect … the 70s and 80s’ ‘Concrete implementation measures’ unlike OECD Allows more variation between States that EU Emphasises role of government, not litigation Adds new Principles in at least five areas …

APT Guidelines - implementation Legislation required + self-regulation encouraged A privacy supervisory authority required Supervision and complaint investigation Data export limits may be ‘reasonably required’ to protect ‘privacy, rights and freedoms’; free flow of information otherwise required Limits on these guidelines only by legislation; only to the extent necessary for other public policies Common character string need to deal with spam

APT Guidelines - new Principles No disadvantage for exercising privacy rights (A5(2)) Notification of corrected information to 3rd party recipients (A6(4)) ‘Openness’ of logic of automated processes (A7) No secondary use without consent (A 14(2)) Deletion if consent to hold is withdrawn (A16) Duties on change of information controller (A19) Special provision on children’s information (A34) Personal location information Principle (A30) Unsolicited communications Princple (A31)

Conclusions Why are APEC and APT so different? Membership similar except for the USA Australia’s APEC initiative had a defensive and outdated starting point (OECD) Inadequate process: no collective expert input, and now behind closed doors A more consultative, confident, and region- based APEC initiative is needed

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.