Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

Updating APEC’s Privacy Framework Blair Stewart
24 February 2015

APEC Privacy Framework edit

APEC recently moved one step closer towards the goal of updating its privacy framework in time to mark the 10th anniversary of the framework’s adoption in 2005.

Last month at a meeting in Subic Bay, the Philippines, APEC’s Electronic Commerce Steering Group (ECSG) endorsed an ECSG Data Privacy Subgroup (DPS) plan to concentrate on updating the framework in six priority areas. The work is part of a DPS privacy ‘stocktake’ project.

In light of the role of the 1980 OECD Guidelines on the Protection of Privacy and Trans-border Flows of Personal Data, it was agreed that the stocktake should be based on the 2013 Guidelines. The importance of these guidelines cannot be overstated as they are the foundation and starting point for the APEC Privacy Framework.

One major path to advance the stocktake was for a comparative review of the changes to the OECD guidelines and their likely impact on the APEC framework. The New Zealand Office of the Privacy Commissioner undertook this review as part of an Australia, Canada and New Zealand stocktake group.

Six priority areas

The review recommended that concrete proposals for updating the APEC Privacy Framework be concentrated in six areas. These are by:

  1. introducing the concept of privacy management programmes.
  2. adding breach notification as part of the recommended remedies where privacy protections are violated.
  3. enhancing domestic implementation approaches by reference to economy strategies, technical measures (sometimes called ‘privacy by design’) and the role of privacy enforcement authorities.
  4. enhancing international implementation by reference to interoperability with privacy frameworks based outside the region and by developing internationally comparable metrics.
  5. offering guidance by outlining the factors to be considered in balancing trade considerations when restricting cross-border transfers for reasons of privacy; and
  6. making suitable updates to the preface and commentary.

In developing the proposals, the stocktake group kept a number of factors in mind such as:

  • will the change contribute to the APEC objectives (e.g. to promote economic growth and remove distortions that impede trade)?
  • will the change help ensure that the APEC Framework more effectively responds to technological and marketplace evolution since 2005?
  • will the change help ensure that the APEC Framework remains ‘fit for purpose’ for another 10 years?
  • will the change promote interoperability between the APEC Framework and other arrangements at international level?

The stocktake group received a mandate to continue with its work and to develop more concrete updating proposals. The group working on the stocktake has been enlarged and now consists of Australia, Canada, Japan, New Zealand, the United States and two guests of APEC’s Electronic Commerce Steering Group - the International Chamber of Commerce and the Internet Society.

The group will report back to APEC’s Data Privacy Subgroup in August 2015.

0 comments

, ,

Back

Comments

No one has commented on this page yet.

Post your comment

The aim of the Office of Privacy Commissioner’s blog is to provide a space for people to interact with the content posted. We reserve the right to moderate all comments. We will not publish any content that is abusive, defamatory or is obviously commercial. We ask for your email address so that we can contact you if necessary to clarify your comment. Please be respectful of authors and others leaving comments.

Latest Blog Entries