For several decades the OECD has been playing an important role in promoting respect for privacy as a fundamental value and a condition for the free flow of personal data across borders. The Guidelines on the Protection of Privacy and Transborder Flows of Personal Data constitute the first update of the original 1980 version that served as the first internationally agreed upon set of privacy principles.

Two themes run through the updated Guidelines:

• A focus on the practical implementation of privacy protection through an approach grounded in risk management, and
  
• The need to address the global dimension of privacy through improved interoperability.

The expert group overseeing the 2013 revision also produced a report which identifies a number of issues that were raised but not fully addressed as part of the review process and which could be considered candidates for possible future study.

A number of new concepts were introduced, including:

• National privacy strategies. While effective laws are essential, the strategic importance of privacy today also requires a multifaceted national strategy co-ordinated at the highest levels of government.

• Privacy management programmes. These serve as the core operational mechanism through which organisations implement privacy protection.
   
• Data security breach notification. This provision covers both notice to an authority and notice to an individual affected by a security breach affecting personal data.

Download the full OECD privacy framework booklet including the 2013 Privacy Guidelines