Independence of data privacy authorities (Part II): Asia-Pacific experience

详细信息	查看全文 | 推荐本文 |

• 作者：Graham Greenleaf  ; [Author Vitae]
• 关键词：Data privacy ; Data privacy Asia and Pacific ; Data protection authorities ; Data Protection Directive 95/46/EC ; Article 29 Working Party ; Regional privacy policy
• 刊名：Computer Law and Security Report
• 出版年：2012
• 期刊代码：26_02673649
• 类别：cp
• 出版时间：April, 2012
• 卷：28
• 期：2
• 页码：121-129
• 文件大小：208 K

摘要

Part I of this article in [2012] 28 CLSR 3-13 analysed the views of learned commentators on what constitutes the 鈥榠ndependence鈥?of data protection authorities (DPAs). It concluded that a more satisfactory answer needed to be found in the international instruments on data privacy and on human rights bodies, their implementation and judicial interpretation, and in the standards that have been proposed and implemented by DPAs themselves. It found that only the OECD and APEC privacy agreements did not require a DPA (and therefore had no standards for its independence). Thirteen factors were identified as elements of 鈥榠ndependence鈥?across these instruments and standards, five of which were more commonly found than others.

Part II of this article considers how criteria for independence of DPAs have been implemented in those jurisdictions in the Asia-Pacific with data privacy laws (Australia, Hong Kong SAR, India, Japan, Macau SAR, Malaysia, South Korea, Taiwan, and Thailand, plus five Australian States and Territories). It finds seven of the elements of independence found in international instruments and standards are often found in these jurisdictions, and some others are found occasionally. It argues that the jurisdictions in the Asia-Pacific whose data privacy laws include an independent DPA provide a better level of privacy protection than those whose laws do not include a DPA, based on conclusions about effectiveness in other studies. However, regional experience does not yet tell us much about the most desirable structure for a DPA.