APEC Privacy Framework
|APEC Privacy Framework|
|Type of project||Report|
The APEC Privacy Framework, which intends to promote electronic commerce through the Asia Pacific region. The Framework applies the core values of the OECD’s Guidelines on the Privacy Protection and Trans-Border Flows of Personal Data (OECD Guidelines), and it made the reaffirmations for the value of privacy to individuals and to the information society.
The previous version of the Framework (2005) was created according to the pattern of the OECD Guidelines (1980) which represented the international consensus on what constitutes trustworthy and fair treatment of personal information at that time.
The updated Framework (2015) models upon principles introduced into the OECD Guidelines (2013) with overdue consideration for the different legal features and context of the APEC region.
The previous version of the framework (2005) was modelled on the OECD Guidelines (1980), which at the time represented an international consensus on what constitutes fair and trustworthy personal information processing. The updated framework (2015) draws on the concepts introduced in the OECD Guidelines (2013), with due regard to the different legal characteristics and backgrounds of the APEC region.
Since 21-century, the electronic commerce has become the significant part of global commerce and international investment, Cross-border network retailing, cross-border data outsourcing, and multinational corporations' business activities all involve the cross-border flows of personal information, and the differences in the level of personal information protection in various countries have raised concerns about the protection of cross-border information privacy. APEC member economies realize the digital economy is very potential to expand business opportunities continually. A framework is an urgent need to protect privacy within and beyond economies and to enable regional transmits of personal information is beneficial to consumers, businesses, and governments. Furthermore, the APEC Privacy Framework, which noticed the importance of the development of effective privacy protections, avoids barriers to information flows and ensures the continued trade and economic growth in the APEC region. It aims to promote electronic commerce to reduce costs, increase efficiency, improve the quality of life., and facilitates the greater participation of small business in global commerce.
1. Preventing Harm
3. Collection Limitation
4. Uses of Personal Information
5. Choice 6. The integrity of Personal Information
7. Security Safeguards
8. Access and Correction
Member economies should inform APEC of the domestic implementation of the framework by completing and regularly updating the Information Privacy Individual Action Plan (IAP). And in the international process of implementation, member economies should consider the following essences which relate to protecting the privacy of personal information.
GUIDANCE FOR DOMESTIC IMPLEMENTATION
1. Maximizing Benefits of Privacy Protections and Information Flows
2. Giving Effect to the APEC Privacy Framework
3. Privacy Management Program
4. Promotion of technical measures to protect privacy.
5. Public education and communication.
6. Cooperation within and between the Public and Private Sectors
7. Providing for appropriate remedies in situations where privacy protections are violated
GUIDANCE FOR INTERNATIONAL IMPLEMENTATION
1. Information sharing among member economies
2. Cross-border cooperation in investigation and enforcement
3. Building cross-border privacy mechanisms
4. Cross-border transfers.
5. Interoperability between privacy frameworks
According to the journal" A Comparative Study of the APEC Privacy Framework- A New Voice in the Data Protection Dialogue?" from Tan, Tan determined the APEC Privacy Framework 2004 appears rather non-prescriptive as regards implementation and enforcement and thus has been much criticized. For example, the domestic implementation guidelines in Part 4 do not require any means of implementing the Framework but merely provide that there are several options for giving effect to the Framework “including legislative, administrative, industry self-regulation” and that the Framework is meant to be implemented in a flexible manner. No central enforcement body is required to save that Member Economies should consider taking steps to establish access points or mechanisms. As for remedies, the author Tan states it should include an appropriate array of solutions such as redress and the ability to stop a violation from continuing but does not assure that legislative remedies must be put in place.
The article“Five years of the APEC Privacy Framework: Failure or promise?" from Greenleaf believes APEC Privacy Framework has had many flaws from its inception, including Privacy Principles that are unnecessarily weak, and no meaningful enforcement requirements. Since its adoption in 2004, little attempt has been made to encourage its use as a minimal standard for privacy legislation in developing countries (which might have been useful), and it is having little impact on the significant number of legislative developments now taking place. APEC Privacy Framework needs to re-oriented itself so that it still can play a useful role in the gradual development of higher privacy standards in Asia.
According to the journal "Why the APEC Privacy Framework is unlikely to protect privacy" from Pounder. Pounder pointed out the lack of detail in the framework makes it an unstable basis, and it is possible to create mutually inconsistent national privacy laws and regulations that are far below the traditional European themes. He assumed the framework is implemented by APEC member countries and is designed to provide a legal basis for promoting the international transfer of personal data while providing minimum standards of privacy protection. This analysis shows that the APEC privacy framework lacks plenty of data protection details. In the absence of this essential detail, Pounder believed the framework is unable to provide adequate protection as required by the European Data Protection Directive; it may lead to inconsistencies in APEC member states and confusion over national data protection laws, regulations or rules; it very likely to be supervised by a fragile regulatory system. Member States may be allowed to adopt different policies regarding important privacy, with the result that the framework is unlikely to provide an adequate, long-term, basis for international trade in personal data; and principles and procedures for the implementation of the approach may include unacceptable or minimal protection of personal data.
- "APEC Privacy Framework (2015)". www.apec.org. Retrieved 2019-06-02.
- Asia Pacific Economic Cooperation (Organization). Secretariat (2005). APEC privacy framework. Singapore: APEC Secretariat. ISBN 9810544715. OCLC 163664766. Search this book on
- Tan, Johanna G. (2008). "A Comparative Study of the APEC Privacy Framework- A New Voice in the Data Protection Dialogue?". Asian Journal of Comparative Law. 3: 1–44. doi:10.1017/S2194607800000181. ISSN 2194-6078.
- Greenleaf, Graham (2009-01-01). "Five years of the APEC Privacy Framework: Failure or promise?". Computer Law & Security Review. 25 (1): 28–43. doi:10.1016/j.clsr.2008.12.002. ISSN 0267-3649.
- Busch, Andreas (2015), "Privacy, technology, and regulation: why one size is unlikely to fit all", in Roessler, Beate; Mokrosinska, Dorota, Social Dimensions of Privacy, Cambridge University Press, pp. 303–323, doi:10.1017/cbo9781107280557.017, ISBN 9781107280557
This article "APEC Privacy Framework" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:APEC Privacy Framework. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.