[OECD Privacy Principles, with amendments as shown:
1. Collection limitation
There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.
2. Data Quality
Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.
3. Purpose Specification
The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use limited to the fulfilment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose.
4. Use Limitation
Personal data should not be disclosed, made available or otherwise used for purposes other than those specified in accordance with Paragraph 9 except:
a) with the consent of the data subject; or
b) by the authority of law.
5. Security Safeguards
Personal data should be protected by reasonable security safeguards against such risks as loss or unauthorised access, destruction, use, modification or disclosure of data.
6. Openness
There should be a general policy of openness about developments, practices and policies with respect to personal data [amended to read "information"]. Means should be readily available of establishing the existence and nature of personal data [amended to read "information"], and the main purposes of their use, as well as the identity and usual residence of the data controller [amended to read "any person who collects or holds personal information"].
7. Individual Participation
An individual should have the right:
a) to obtain from a data controller, or otherwise, confirmation of whether or not the data controller has data relating to him;
b) to have communicated to him, data relating to him
- within a reasonable time;
- at a charge, if any, that is not excessive;
- in a reasonable manner; and
- in a form that is readily intelligible to him ;
c) to be given reasons if a request made under subparagraphs (a) and (b) is denied, and to be able to challenge such denial; and
d) to challenge data relating to him and, if the challenge is successful, to have the data erased, rectified, completed or amended.
8. Accountability
A data controller should be accountable for complying with measures which give effect to the principles stated above.
(Version 1, February
[Comments are sought on the following options.]
Option 1 - Adherence by economies to statement of principles
The procedure under this option would be for those economies which wished to implement the principles, or considered that they already implemented them, to make this fact known to other member economies. This is the least ambitious option. Other economies would decide unilaterally what significance they would attach to such a declaration. In some cases, domestic law may require some assessment of privacy protection measures in other economies where personal information is to be transferred across national borders.
Option 2 - Self-certification by economies; compliance by business with national laws
Economies would certify by some formal procedure that their law complies with the principles and a record would be kept by the Secretariat of economies which had certified to this effect. A certification would be accepted by other economies as a basis upon which personal information could be transferred across national borders. Companies would continue to be bound by the laws of the economies in which they are resident and in which they do business.
Option 3 - Self-assessment by economies coupled with peer review
Procedures would be developed with reference to those of the Financial Action Task Force but not involving the power to declare that any economy is not in compliance. The relevance of the Financial Action Task Force procedures would be to serve as a basis upon which self-assessment and peer review methodologies might be developed. A description of those procedures can be obtained if required.
Option 4 - Development of internal binding codes by global companies
This approach would enable global companies and multinational groups to develop codes which would be recognised throughout the region, and perhaps globally, as complying with the principles. It would require some assessment procedure involving supervisory authorities. Important contributors to work in this area would be those companies who have been working on global codes of practice.
Option 5 - Development of guidelines for protecting privacy across borders
This approach would be directed towards the development of a framework to facilitate cooperation between supervisory bodies in different economies. It could be adopted in combination with option 4. In this context, it would be useful to develop guidance on how authorities in member economies could co-operate to ensure compliance with codes and thereby give assurance of their effectiveness in a cross-border context.
[any other options?]
See also an article discussing this proposal and these options.