32nd APPA Forum — Communiqué

The 32nd Asia Pacific Privacy Authorities (APPA) Forum was held in Adelaide, Australia from 3–4 December 2009. This Communiqué outlines the initiatives discussed at this Forum.

The 32nd Asia Pacific Privacy Authorities (APPA) Forum was hosted by the Privacy Committee of South Australia in Adelaide, Australia on 3–4 December 2009.

Closed session

The first day of the Forum was a closed session for APPA members. In attendance were the Privacy Commissioners or representatives of Australia, Korea, New South Wales, New Zealand, Northern Territory, and Victoria. The Privacy Commissioner of New Zealand and the Hong Kong Privacy Commissioner for Personal Data participated in the Forum by teleconference. Representatives from privacy related authorities in other jurisdictions also attended as observers, including those from the USA’s Federal Trade Commission, and the Australian states of Queensland and South Australia.

Member authorities presented reports detailing recent privacy developments that have occurred within their jurisdiction. Matters raised included data matching, privacy risks associated with portable storage devices, privacy law reform in Australia, New South Wales and the Northern Territory, and the possible establishment of an informal, global network of privacy enforcement authorities.

Attendees discussed the APEC Privacy Framework and outcomes from the 31st International Conference of Data Protection and Privacy Commissioners, which was held in Madrid, Spain in November. Members resolved to convene a working group to work towards the establishment of a day or week during which privacy is celebrated and promoted on a global basis. Members also resolved to convene a working group to review APPA’s membership criteria.

Members agreed to use an interactive online tool as a joint promotional product for Privacy Awareness Week (PAW) 2010. The tool, which allows users to self-test for their risk of ID theft, was originally developed by the Norwegian Data Inspectorate. Ideas were exchanged about the future of PAW, and members agreed to continue promoting PAW jointly and encourage further international participation. Members resolved to adopt the APPA Secondment Framework, which aims to promote greater mobility of staff between APPA offices and to increase regional collaboration.

Broader session

The second day of the Forum was a broader session. Jurisdiction reports were presented, and members gave updates on the implementation of data breach notifications in their region. This session also featured discussion of privacy law reform throughout the region and presentations about credit reporting developments and ID scanning.

Members also participated in a public forum on privacy, identity and e-crime. The public forum featured presentations from leading academics and public servants and representatives of the South Australia Police. This event gave APPA members the opportunity to consider the role of privacy authorities in identity crime awareness and prevention and information and identity security in government.

Next meeting

The next meeting of the Forum will be held in Darwin, Australia on 3-4 June 2010.

About APPA

APPA is the principal forum for privacy authorities in the Asia Pacific region to form partnerships and exchange ideas about privacy regulation, new technologies, and the management of privacy enquiries and complaints.

APPA has the principal objectives of:

• Facilitating the sharing of knowledge and resources between privacy authorities within the region
• Fostering cooperation in privacy and data protection
• Promoting best practice amongst privacy authorities
• Working to continuously improve our performance to achieve the important objectives set out in our respective privacy laws.