Since 1980, the volume and characteristics of cross-border data flows have been evolving, elevating privacy risks and raising crossborder enforcement challenges. This has resulted in the need for a more global and systematic approach to cross-border privacy law enforcement co-operation.
On 12 June 2007, the OECD Council adopted a Recommendation setting forth a framework for co-operation in the enforcement of privacy laws. OECD governments have been active in implementing the Recommendation and in April 2011 the OECD issued a report on the progress made. Among the initiatives highlighted in the report is the launch in 2010 of a new global network for co-operation by privacy enforcement authorities (GPEN).
Work by the OECD on this subject started in early 2006 with a questionnaire, which formed the basis for the “Report on the Cross-border Enforcement of Privacy Laws” (October 2006).
The Recommendation and related work have been developed by the OECD Committee for Information, Computer and Communications Policy (ICCP), through its Working Party on Information Security and Privacy (WPISP). The work, conducted in close cooperation with privacy enforcement authorities, is led by Jennifer Stoddart, Privacy Commissioner of Canada. It has built upon other OECD work on law enforcement co-operation in areas like spam and cross-border fraud.