44th APPA Forum — Communiqué

The 44^th Asia Pacific Privacy Authorities (APPA) Forum was hosted by the Office for Personal Data Protection, Macao on 3–4 December 2015. The meeting was attended by a broad range of APPA members (see below for a complete list of APPA attendees and observers).

Delegates discussed a variety of current issues over two days. Some of these have been highlighted below.

Day One (closed session)

The first day of the Forum was limited to APPA member authorities and invited observers. Members presented their jurisdiction reports and discussed  emerging issues from across the Asia Pacific region, including legal reforms and law enforcement issues, transparency reporting, health information and biometrics, and various public education initiatives. Members also shared a wealth of opinions on investigations and data breaches.

Building on discussions from the 43^rd APPA Forum, members continued to discuss APPA’s future direction, including APPA’s governance framework and the future and role of the APPA Secretariat. Members thanked the Office of the Australian Information Commissioner for its commendable efforts during the past nine years as the Secretariat. The Office of the Information and Privacy Commissioner for British Columbia was nominated to be the next APPA Secretariat. Members also agreed to establish a governance committee.

APPA members approved ‘Privacy in Your Hands’ as the theme for next year’s APPA Privacy Awareness Week (PAW). PAW will be held in May 2016.

Other matters that were discussed included public sector information sharing, telephony fraud involving personal data, and privacy issues relating to electoral processes and political parties.

Day Two (closed and open session)

During the closed session on day two, members discussed recent developments relating to the:

• APEC Data Privacy sub-group
• International Conference of Data Protection and Privacy Commissioners
• Global Privacy Enforcement Network
• Ibero-American Network of Data Protection
• Common Thread Network.

Members further discussed the implications of big data for data protection authorities, and how authorities are responding to big data issues in their own jurisdictions. In addition, attendees discussed the US-EU Safe Harbor Agreement, harmful digital communications, privacy trust marks and certifications, and compliance techniques for privacy enforcement authorities.

The second half of day two was an open session. This was attended by government officials, private sector representatives and academics. During this session, several privacy issues were discussed, ranging from the installation of CCTV cameras by public security forces, to cyber status and privacy concerns, and measuring stakeholder attitudes and satisfaction.

Next meeting

The 45^th APPA Forum will be hosted by the Personal Data Protection Commission, Singapore in July 2016.

The 46^th APPA Forum will be hosted by the National Institute for Transparency, Access to Information and Personal Data Protection, Mexico in November or December 2016.

44^th APPA Forum attendees

• Office for Personal Data Protection, Macao – Host
• Office of the Australian Information Commissioner, Australia
• Office of the Information and Privacy Commissioner for British Columbia, Canada
• Office of the Privacy Commissioner of Canada
• Privacy Commissioner for Personal Data, Hong Kong
• Personal Information Protection Commission, Korea
• Korea Internet and Security Agency, Korea
• National Institute for Transparency, Access to Information and Personal Data Protection, Mexico
• Office of the Privacy Commissioner, New Zealand
• Personal Data Protection Commission, Singapore
• Office of the Commissioner for Privacy and Data Protection, Victoria, Australia
• Federal Communications Commission, United States
• Federal Trade Commission, United States

Officials from the following government organisations attended the meeting as observers:

• Consumer Affairs Agency, Japan
• Specific Personal Information Protection Commission, Japan
• Korea Communications Commission, Korea
• Portuguese National Commission for Protection of Personal Data, Portugal