|
This page is available at: www.oecd.org/sti/privacycooperation.
More than 25 years after the adoption of the OECD Privacy Guidelines, virtually all OECD countries have enacted privacy laws and empowered authorities to enforce those laws. However, the volume and characteristics of cross-border data flows have been evolving, elevating privacy risks and raising cross-border challenges.
Early in 2006, the OECD undertook an examination of challenges posed by cross-border aspects of privacy law enforcement, beginning with a Questionnaire addressed to OECD governments.
Building on the results of the Questionnaire, the OECD released a Report on the Cross-border Enforcement of Privacy Laws in October 2006. The report examines the law enforcement authorities and mechanisms that have been established with a particular focus on how they operate in the cross-border context. It describes existing arrangements to address the challenges and identifies a number of issues that require further consideration.
To further explore the cross-border challenges and obtain input from the global data protection community, a Roundtable on Privacy Law Enforcement Co-operation was organised by Jennifer Stoddart, Privacy Commissioner of Canada, on 1 November 2006 and hosted by Hunton and Williams in London. (Agenda and presentations)
The OECD held a Roundtable on the Cross-border Privacy Law Enforcement Co-operation in Paris on 12 March 2007, to continue the dialogue among privacy enforcement authorities begun in London in October 2006. The roundtable included an exchange of cross-border enforcement experiences and strategies to improve co-operation. It also examined the ways law enforcement co-operation is done in other areas, and included updates from relevant privacy initiatives in other forums. (Agenda and presentations)
On 12 June 2007, the OECD Council adopted a new Recommendation setting forth a framework for co-operation in the enforcement of privacy laws. The framework reflects a commitment by governments to improve their domestic frameworks for privacy law enforcement to better enable their authorities to co-operate with foreign authorities, as well as to provide mutual assistance to one another in the enforcement of privacy laws.
Initiatives to implement the Recommendation are well underway. The OECD has developed two model forms to facilitate privacy law enforcement co-operation. The first is a form to assist in the creation of a list of contact points in each country to co-ordinate requests for assistance. The second is a form for use by an authority in requesting assistance to help ensure that key items of information are included in the request.
One part of the Recommendation calls for a consultation between privacy authorities and privacy professionals on how best to resolve privacy complaints. In On 27th May 2008, the OECD held a Roundtable bringing together some 50 participants, composed of privacy enforcement authorities and privacy professionals from many parts of the world. Canadian Privacy Commissioner Jennifer Stoddart chaired the day-long event. Available documentation from the event includes: the Agenda, presentations, and a Summary of the Discussion.
The Recommendation and related work has been developed by the OECD Committee for Information, Computer and Communications Policy (ICCP), through its Working Party on Information Security and Privacy (WPISP). The work, conducted in close cooperation with privacy enforcement authorities, is led by Jennifer Stoddart, Privacy Commissioner of Canada. It has built upon other OECD work on law enforcement co-operation in areas like spam and cross-border fraud.
|
