Three Decades Later: The OECD Guidelines and Global Privacy Protection
This page has been archived on the Web
Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
Remarks at the Conference on the Evolving Role of the Individual in Privacy Protection: 30 Years after the OECD Privacy Guidelines
October 26, 2010
Address by Jennifer Stoddart
Privacy Commissioner of Canada
(Check against delivery)
Thank you very much. We’ve had a fascinating day that has given us a better understanding of the emerging and constantly evolving privacy challenges that all of us face in our respective countries.
I would like to thank all of the speakers for their very thoughtful presentations. We have heard a diversity of opinions, which has been extremely helpful.
If I may, I would also like to take a moment to express my gratitude to the OECD team that made this excellent conference possible. I would also like to thank the members of the Volunteer Group, which I have had the privilege to chair, that assisted the OECD’s Michael Donohue and the other members of the Working Party on Information Security and Privacy Secretariat in planning this event.
We’ve been here to celebrate the OECD Guidelines on the Protection of Privacy and Transborder Flows of Data, which blazed a trail for global privacy 30 years ago.
As many of you know, this is the second event commemorating the Guidelines. In March, the OECD organized an exceptional event where we were privileged to hear the Honourable Michael Kirby and other members of the Expert Group explain the process the resulted in the drafting of the Guidelines.
To my mind, the Guidelines have served us – and continue to serve us – remarkably well given how much has changed since 1980.
Technology, globalization and societal norms have dramatically changed the privacy landscape over the last three decades.
Without adequate protection, the risks are significant – to consumer confidence, to global business, and, of course, to some of the very fundamental rights that people around the world expect.
Today we’ve focused on how the current environment is testing the OECD Guidelines – and, in fact, data protection regimes around the globe.
Over the course of the day, several important themes have emerged.
At the beginning of the day, we heard a startling figure – we will collectively send 6 trillion texts this year. This highlighted the issues that have been the focus of this conference.
We live in an era of big data. Our challenge as a society is how to protect this data deluge.
We heard about how complex the concept of personal information has become – and we debated the efficacy of anonymization as a way to mitigate the risk.
How do we help make individuals aware of how big data? We discussed the need to help individuals understand how sophisticated analytics are making use of their information – or is this even possible?
We were reminded about some of the positives that technologies are offering us. While we focus on how all that information out there is privacy invasive, the flipside is the social value that stems from our increased ability to share data.
We heard the intriguing suggestion that perhaps we should think about adding a concept of empowerment to the OECD guidelines to balance the concept of data minimization, which has always been at the core of the guidelines.
The importance of privacy friendly default settings and other privacy by design concepts was also emphasized.
How do we do all of this and still encourage the innovation that drives economic growth?
We have long recognized the need to move the discussion from the bishops here in this room to the streets – to individual users. Now, we must reach out to the garages where the app economy is being created by solo entrepreneurs connecting to a global community of users.
With this successful day behind us, the final event in this anniversary year is only a handful of weeks away. In Paris, we’ll be holding a roundtable on December 1st to discuss the economics of personal data and privacy, followed by a meeting of the Working Party on Information Security and Privacy.
2011 is going to be another busy year for the OECD.
The OECD is planning to publish two reports to mark the 30th Anniversary of the Guidelines. The first will include the OECD Report on the Evolving Privacy Landscape that is nearing completion and a report on cross-border privacy enforcement co-operation.
The second report will focus on the economic aspects of privacy, drawing on the December Roundtable. Both reports will include background papers prepared by external experts.
All of this will set the stage for the Working Party on Information Security and Privacy to begin taking a detailed look at the Guidelines and their continued relevance in this new environment.
This will be an important and challenging exercise and I urge those of you who are interested to provide input through your national delegations to the Working Party.
We all owe the OECD a debt of gratitude for playing such an important leadership role in promoting the protection of personal information and I feel privileged to have been able to contribute.
- Date modified: