[Ecommerce] APEC meeting in Thailand - Privacy issues

[James Love]

-------- Original Message --------
Subject: Fwd: APEC meeting in Thailand
Date: Tue, 17 Dec 2002 14:19:55 -0500
From: Arrow Augerot <Arrow_Augerot@ita.doc.gov>

See attached email from Peter Ford regarding a proposal on privacy that
Australia intends to table at the upcoming ECSG meeting in February.
Since we will be discussing this proposal at the next meeting, we would
be very interested in receiving your comments.

Best, AA

Arrow Augerot
Office of Electronic Commerce
U.S. Department of Commerce
Tel: 202-482-2670
Fax: 202-501-2548

APEC Senior Officials' Meeting and Related Meetings
12 - 21 February, 2003, Thailand
Proposal for Co-operative Work on Privacy Protection
____________________

The development of electronic commerce across national borders requires 
consideration to be given to arrangements for the protection of personal 
information.  Although much progress has been made in electronic commerce, 
many surveys have indicated that electronic commerce is unlikely to realise 
its full potential until there is greater consumer confidence that personal 
information is appropriately protected in on-line transactions.
The particular approach to privacy protection in individual economies is a 
matter for those economies.  A diversity of approaches is already apparent 
in those countries which have addressed the issues.  However, there would be 
advantage in the development of a common approach within APEC to those 
privacy issues which, in the absence of attention by governments, business 
or industry groups, might inhibit the development of electronic commerce 
across national borders.

In 1980, the Organisation for Economic Co-operation and Development issued 
its Privacy Principles which have since been adopted in laws and 
self-regulatory practices in a number of economies.  In 1995 the European 
Commission issued its Directive on Data Protection which required European 
Union countries to adopt its provisions in national law.  The Directive 
requires member countries to limit the transfer of data to non-member 
countries unless one of a number of conditions are satisfied.  One of the 
conditions is that non-member countries satisfy an ‘adequacy’ test 
administered by the Commission.

The approach taken by the European Commission Directive may not be suitable 
as a standard within APEC economies.  The OECD Privacy Principles, on the 
other hand, may provide a useful starting point for the development of a 
common standard of privacy protection which would avoid the more 
prescriptive nature of the European Commission Directive.  It is envisaged 
that any APEC common standard would recognise that the means by which 
privacy principles should be implemented would be a matter for determination 
by the particular economies.

\The scope for agreement on procedures to enforce the protection of privacy 
in transactions across national borders could be explored.  The approach 
Australia would suggest is for economies to self-certify that they have 
implemented the OECD Privacy Principles.  On this basis, companies that were 
either bound by law or wished to adhere to the principles on a 
self-regulatory basis would also certify to that effect.

The benefit to international trade that is expected to flow from this 
project is a stimulus to the further development of international electronic 
commerce.