31st APPA Forum — Communiqué

The 31st Asia Pacific Privacy Authorities (APPA) Forum was held in Hong Kong, from 11–12 June 2009. This Communiqué outlines the initiatives discussed at this Forum.

Back row — from left: Shirley Lung, Office of the Privacy Commissioner for Personal Data, Hong Kong; Harry Lio, Office for Personal Data Protection, Macao; Ken Yang, Office for Personal Data Protection, Macao; Chan Hoi Fan, Coordinator, Office for Personal Data Protection, Macao; Mr. Park, Korean Information Security Agency; David Taylor, Office of the Victorian Privacy Commissioner; Timothy Pilgrim, Deputy Privacy Commissioner, Office of the Privacy Commissioner, Australia; Alethea Sim, Korean Information Security Agency; Luís Silveira, National Commission for Data Protection, Portugal; Judge Carlos Lobo, National Commission for Data Protection, Portugal; Bonnie Smith, Deputy Privacy Commissioner for Personal Data, Hong Kong; Brenda Kwok, Office of the Privacy Commissioner for Personal Data, Hong Kong; K T Chan, Office of the Privacy Commissioner for Personal Data, Hong Kong; Joseph Young, Office of the Privacy Commissioner for Personal Data, Hong Kong; Allen Ting, Office of the Privacy Commissioner for Personal Data, Hong Kong.
Front row — from left: Marie Shroff, Privacy Commissioner, New Zealand; Karen Curtis, Privacy Commissioner, Australia; Roderick Woo, Privacy Commissioner for Personal Data, Hong Kong; Jennifer Stoddart, Privacy Commissioner, Canada; Helen Versey, Privacy Commissioner, Victoria.

APPA has the principal objectives of:

  • Facilitating the sharing of knowledge and resources between privacy authorities within the Asia-Pacific;
  • Fostering cooperation in privacy and data protection;
  • Promoting best practice amongst privacy authorities; and
  • Working to continuously improve our performance to achieve the important objectives set out in our respective privacy laws.

Closed session — 11 June 2009

The first day of the Forum was a closed session. In attendance were the privacy commissioners and representatives of the privacy and data protection agencies of Hong Kong, South Korea, New Zealand, Australia, Canada and Victoria. Representatives from the National Commission for Data Protection, Portugal, and the Office for Personal Data Protection, Macao, were also in attendance as observers.

The Forum reported on national and international privacy developments, including complaint-handling practices, and employee monitoring in the workplace. Some members reported on surveys conducted on the use of portable storage devices in the public sector, contributing to discussions on strategies to deal with challenges created by new technologies. The importance of building strong relationships with private sector stakeholders in promoting privacy compliance audits was also discussed. Members resolved to continue to monitor these developments, and to share strategies for enhancing privacy protection and compliance across the region.

The Privacy Awareness Week Working Group reported on the success of the APPA joint initiative for 2009. The PAW animation video was a resounding success and had successfully attracted young people’s attention in many jurisdictions. It was resolved that PAW 2010 would be again held in the first week of May, and that the future of PAW would be discussed in the next APPA Forum.

Members also agreed to amend and update the APPA Statement of Objectives to better reflect the composition and aims of the Forum. It was agreed in principle that, after having held three privacy awareness weeks over the past three years, the Statement of Objectives should include the joint promotion of privacy awareness activities.  Further amendments will be discussed at the next Forum.

Broader session — 12 June 2009

The second day of the Forum was a broader session. In attendance were APPA members and invited guests, including representatives from the Department of Justice and the Constitutional and Mainland Affairs Bureau. Jurisdictional Reports were discussed and members gave updates on data breach notification developments from across the Asia-Pacific region. This session also featured a presentation on privacy law reform in Hong Kong, and an update on the APEC Privacy Framework and related initiatives being undertaken through the OECD.

Public Forum — Electronic Health Record Sharing — 12 June 2009

Following the broader session, members participated in a public forum. It included presentations by three distinguished local experts and a panel discussion with the Commissioners of Australia, Canada, New Zealand and Hong Kong. Members of APPA and the general public had the opportunity to consider some of the privacy protection issues raised by health data sharing systems generally.

Conference in Macao on ‘Data Breaches — Problems and Solutions’ — 13 June 2009

A conference on ‘Data Breaches – Problems and Solutions’, was organised by the Office for Personal Data Protection, Macao, and the Legal and Judicial Training Centre, Macao. Presenters at the conference included representatives from APPA, as well as from Portugal, Macao, and mainland China.

The conference included sessions on personal data protection in different jurisdictions, data breaches, and related developments in mainland China, Hong Kong, Portugal and Europe. The conference also heard a presentation on the seventh amendment of the Penal Code of the People’s Republic of China.

Next APPA meeting

The 32nd APPA Forum is scheduled for the first week of December 2009 in Adelaide, Australia, supported by the Office of the Privacy Commissioner, Australia.