PCO Office of the Privacy Commissioner for Personal Data, Hong Kong image image
Privacy Policy StatementSearchSite DirectoryText Only VersionChinese  
Media StatementSpeeches and Articles &  PapersMulti-media Information
Exhibition MaterialsOther Related WebsitesArchiveOther Resources
On-line Self TrainingSubmissions to Public Consultation
image

Information Centre
Media Statement

 
 


Date: 21 June 2012

37th APPA Forum — Communiqué

The 37th Asia Pacific Privacy Authorities (APPA) forum was hosted by the Office of the Privacy Commissioner for Personal Data, Hong Kong in Hong Kong on 14–15 June 2012.

Participants discussed and agreed actions for a wide range of cross-border policy, education and enforcement issues over the two days of the meeting. Selected highlights of those discussions and agreed actions follow.

Global Privacy Enforcement

The meeting analysed current global privacy enforcement issues, such as recent significant data breaches, and the latest activities in international forums. Discussions covered effective international collaboration in enforcement, interoperability and development of cross-border privacy rules, privacy reform in the United States and the EU. Updates on the APEC Privacy Framework and Cross-Border Privacy Enforcement Arrangements (CPEA), the Global Privacy Enforcement Network, and the current review of the OECD Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data were also discussed.

Members agreed that greater cooperation between Data Protection and Privacy Authorities was essential in an environment where the cross jurisdictional transfer of personal information was growing exponentially. Members supported the ongoing work in this area being undertaken through fora such as APEC and the OECD.

Update on International Conference of Data Protection and Privacy Commissioners

The meeting discussed the theme “Privacy and Technology in the Balance” for the 34th International Conference of Data Protection and Privacy Commissioners which will be hosted by the Personal Data Control Regulatory Unit (URCDP), in Punta del Este, Uruguay from 23 to 26 October 2012.

Privacy Awareness Week 2012

Privacy Awareness Week (PAW) took place from 30 April to 5 May 2012. The Communications Working Group reported on the success of various activities held as wells as creative promotional materials produced and used in members’ jurisdictions to promote privacy awareness. To encourage and facilitate access to information on personal data protection throughout the Asia Pacific region, APPA members compiled a list of useful resources available at www.privacyawarenessweek.org/youth.html.

Google’s new privacy policy

The Technology Working Group (TWG) reported on its ongoing dialogue with Google to clarify its privacy policy that took effect on 1 March 2012. Noting the clarifications and improvements made by Google, members agreed that their collective efforts via the TWG in the immediate term would be to keep in view the ongoing enquiries being conducted by CNIL. The TWG would consider its next steps having seen the responses to the CNIL enquiries.

Information on Public Registers

The topic of public registers was revisited by Members against the context of technological advancement. Tensions between the openness and transparency principle to allow public access to government information and the individual’s personal data privacy rights is heightened with ever-increasing ease of access to public registers through various online and mobile technologies. From the perspective of privacy protection, the question of how to strike the right balance between public access and protection of personal data privacy is increasingly challenging.

Members agreed to consider the issue on a high-principle basis, focusing on an approach that enables public access to government information with commensurate protection for individual privacy.

Smart Phone Applications

The Technology Working Group reported to members on privacy risks relating to smartphone applications, including the non-consensual extraction of personal information. Members expressed concern with this evolving and complex area and agreed to share relevant studies and codes of practice for apps developers. Members agreed to liaise with the International Working Group on Data Protection in Telecommunications (“the Berlin Group”) on its latest actions with the aim of exploring the possibility of developing joint educative and guidance material for consumers and apps developers.

Legal Assistance to aggrieved data subjects

Members discussed avenues available to individuals for assistance with meeting costs associated with taking action against organizations in cases of an alleged breach of privacy. Each jurisdiction outlined what avenues were available in their jurisdictions.

Upon deliberation, members found that the proposed legal assistance scheme under the Hong Kong Personal Data (Privacy) (Amendment) Bill is unique amongst APPA members. There was however other experiences regarding award of damages for privacy infringement that members shared with Hong Kong.

Regulation of direct marketing activities

The proposed regulatory requirements on direct marketing activities under the Hong Kong Personal (Privacy) (Amendment) Bill are amongst the most stringent. Members noted the growing trend of conferring on individuals a right to trace the source of personal data from direct marketers and that Hong Kong’s proposed regulatory control will provide a good reference for other APPA members in their future review of privacy protection.

Open session

The Hong Kong privacy community shared and exchanged views and experiences with APPA members in the open session on the following privacy issues:

  • eHealth record-sharing in Hong Kong
  • Privacy concerns of social networking sites in Hong Kong
  • Privacy issues concerning geo-location information and mobile service devices
  • Cloud computing and data protection

Participants

The meeting was attended by representatives from:

  • Office of the Australian Information Commissioner, Australia
  • Office of the Privacy Commissioner of Canada, Canada
  • Office of the Privacy Commissioner for Personal Data, Hong Kong
  • Korea Internet & Security Agency
  • Personal Information Protection Commission of Korea
  • Federal Institute for Access to Information and Data Protection, Mexico
  • Office of the Privacy Commissioner, New South Wales
  • Office of the Privacy Commissioner, New Zealand
  • Office of the Information Commissioner, Northern Territory
  • Federal Trade Commission, United States
  • Office of the Victorian Privacy Commissioner

Representatives from the following organisations joined the meeting as observers:

  • Office of Personal Information Protection Consumer Affairs Agency, Japan
  • Office for Personal Data Protection, Macao
  • Data Protection Authority, Comissão Nacional de Protecção de Dados, Portugal

Note: To know more about APPA Forum, please visit
http://www.privacy.gov.au/aboutus/international/appa

Back row – From left: Henry Chang, Office of the Privacy Commissioner for Personal Data, Hong Kong; Shirley Lung, Office of the Privacy Commissioner for Personal Data, Hong Kong; Brenda Kwok, Office of the Privacy Commissioner for Personal Data, Hong Kong; Lavinia Chang, Office of the Privacy Commissioner for Personal Data, Hong Kong; Yoichiro Itakura, Office of Personal Information Protection Consumer Affairs Agency, Japan; Heajin Lee, Korea Internet and Security Agency, Korea; Masako Mizumachi, Cabinet Secretariat, Japan; Sonia Sousa Pereira, Data Protection Authority, Portugal; Isabel Cruz, Data Protection Authority, Portugal; Markus Heyder, Federal Trade Commission, United States; Ken Yang Chongwei, Office for Personal Data Protection, Macao; Harry Lio Chi Hon, Office for Personal Data Protection, Macao; Bakita Kan Pui Man, Office for Personal Data Protection, Macao
Front Row – From left: Hiroshi Miyashita, Office of Personal Information Protection Consumer Affairs Agency, Japan; Kwang Hee Choi, Korea Internet and Security Agency, Korea; Anthony Bendall, Office of the Victorian Privacy Commissioner, Victoria; Brenda Monaghan, Office of the Information Commissioner, Northern Territory; Elizabeth Coombs, Office of the Privacy Commissioner, New South Wales; Timothy Pilgrim, Office of the Australian Information Commissioner, Australia; Allan Chiang, Office of the Privacy Commissioner for Personal Data, Hong Kong; Marie Shroff, Office of the Privacy Commissioner, New Zealand; Edith Ramirez, Federal Trade Commission, United States; María Elena PÉREZ-JAÉN ZERMEÑO, Federal Institute for Access to Information and Data Protection, Mexico; Shin Sohyun, Personal Information Protection Commission, Korea; Brent Homan, Office of the Privacy Commissioner of Canada, Canada; Sonia Chan Hoi Fan, Office for Personal Data Protection, Macao
 
 
END
 

Back to top

BackArchive

  imageNotice/ Copyright © Office of the Privacy Commissioner for Personal Data, Hong Kong. All rights reserved. Disclaimer

The contents of this website (including all uploaded publications) must be read subject to the Personal Data (Privacy) (Amendment) Ordinance 2012. Full Version