New Zealand's Privacy Commissioner, Marie Shroff, believes the threat to the protection and privacy of data is growing at an alarming rate and will continue to do so unless some international solutions are found to combat this problem.
Ms Shroff was appointed chair of the International Conference of Data Protection and Privacy Commissioners's Steering Group on Representation before International Organisations in October 2008, when the Steering Group was established at their 30th International Conference in Strasbourg. There are 80 data protection authorities at the International Conference.
At the Conference, a resolution was passed on the urgent need for protecting privacy in a borderless world, and for reaching a Joint Proposal for setting International Standards on Privacy and Personal Data Protection. A working group was tasked with developing a joint proposal for setting international standards on privacy and personal data protection, according to the following criteria.
- To draw on the principles and rights related to the protection of personal data in the different geographic environments of the world, with particular reference to legal and other texts that have attracted a wide degree of consensus in regional and international forums.
- To elaborate a set of principles and rights which, while reflecting and complementing existing texts, aim to achieve the maximum degree of international acceptance ensuring a high level of protection.
- To assess the sectors in which these principles and rights are applicable, including alternatives focused on harmonizing their scopes of application.
- To define, taking into account the diverse legal systems, the basic criteria that guarantee their effective application.
- To examine the role to be played by self-regulation.
- To formulate the essential guarantees for better and flexible international transfers of data.
The resolution also stated that the process of drafting this joint proposal should be carried out by encouraging extensive participation in the working groups, fora or hearings, of public and private organisations and entities, with the purpose of obtaining the broadest institutional and social consensus. Particular attention should be paid to the ongoing work of the International Organization for Standardization (ISO) and of the International Law Commission.
A significant step towards achieving an international solution took place on 13 May 2009, with a joint announcement by Ms Shroff and Walter Fumy, Chairman of the International Organisation for Standardisation (ISO) and International Electrotechnical Committee (IEC) joint technical committee (JTC) 1/Subcommittee (SC) 27 – the leading international Standards committee on information security.
Ms Shroff and Mr Fumy announced that the International Conference of Data Protection and Privacy Commissioners had appointed Steven Johnston, Senior Security and Technology Advisor to the Office of the Privacy Commissioner of Canada, as liaison officer on identity management and privacy technologies for SC 27's working group (WG) 5.
'There are now many players in the international scene working to develop solutions to the privacy challenges facing the world,' says Commissioner Shroff. 'Steven Johnston has a depth of experience in relation to security, technology, and the Standards process that will serve the Conference and WG 5 well.'
Dr Walter Fumy said, 'I warmly welcome this collaborative development with the International Conference of Data Protection and Privacy Commissioners. It represents an important turning point in advancing data privacy and protecting personal information through the publication of international privacy Standards in the area of technology in the near future.'
For further information about the International Conference of Data Protection and Privacy Commissioners, go to:
- Resolutions on development of international Standards (pdf). http://www.privacyconference2008.org/adopted_resolutions/1-MONTREAL2007/MONTREAL-EN4.pdf
- Resolution concerning the establishment of a steering group on representation at meetings of international organisations (pdf). http://www.privacyconference2008.org/adopted_resolutions/STRASBOURG2008/resolution_steering_group_en.pdf
- To this year's conference website, 31st International Conference of Data Protection and Privacy. http://www.privacyconference2009.org/privacyconf2009/home/index-iden-idweb.html