45th APPA Forum — Communiqué

APPA members at the 45th APPA forum, Singapore

The 45th Asia Pacific Privacy Authorities (APPA) Forum was hosted by the Personal Data Protection Commission, Singapore on 21–22 July 2016.

Attended by APPA members, invited observers (see below for attendees list) and guests, the two-day event generated discussions on personal data protection and privacy trends and developments. The Forum’s highlights are summarised below.

New member

APPA welcomed the Personal Information Protection Commission (PPC), Japan, as its 19th member.

Day One (closed session)

The first day of the Forum was restricted to APPA members and invited observers. Members presented jurisdiction reports along common themes that have surfaced across the Asia–Pacific region. These included facilitating compliance, legislative reforms, technology developments on data protection and privacy, and education and outreach efforts. They also shared reports on data breaches and joint investigations.

The APPA Governance Committee was formed immediately after the 44th APPA Forum in Macao, with the Office of the Information and Privacy Commissioner for British Columbia nominated as the co-secretariat with the Office of the Australian Information Commissioner. The Governance Committee reported on its half year progress to APPA members.

The Communications Working Group (CWG) reported on the achievements of the 2016 Privacy Awareness Week (PAW). This year’s PAW theme was “Privacy – in your hands” to emphasise that people could exert control over their data and privacy. PAW poster designs were again provided by the Office of the Privacy Commissioner for Personal Data, Hong Kong.

The Technology Working Group (TWG) presented its study on establishing common baseline security measures among members to advise data users or controllers on reasonable protection measures for electronically stored information, and a separate study on current legislation and regulation on anonymisation / de-identification as an appropriate means of protecting personal information.

Other topics discussed included how jurisdictions can balance data sharing and data protection, as well as updates on the EU General Data Protection Regulation (GDPR).

Day Two (broader session and closed session)

The morning’s broader session saw discussions on topics such as the EU-US Privacy Shield, APEC Cross-Border Privacy Rules (CBPR) system, data portability, future of privacy regulation and calibrating privacy principles to a big data and digital society.

At the afternoon’s closed session, members considered the growing challenges of consent and agreed to further consider the subject collectively. Other discussions were focused on information sharing in the public sector and the effectiveness of education activities.

Commissioner arrivals and departures

APPA acknowledged the leadership of particular individuals in member authorities and offered its best wishes for their retirements and new appointments:

  • Elizabeth Denham stepped down as Commissioner for the Office of the Information and Privacy Commissioner of British Columbia to assume a new position in the UK Information Commissioner’s Office; and
  • Lee Hong-Sub took over from Ha-Kyung Jeong as Chairman of the Korea Personal Information Protection Commission.

Next meetings

The 46th APPA Forum will be hosted by the National Institute for Transparency, Access to Information and Personal Data Protection, Mexico from 30 November to 2 December 2016 in Manzanillo, Colima.

The 47th APPA Forum will be hosted by the Office of the Australian Information Commissioner in Sydney, Australia in 2017.

Officials from the following member authorities participated in the meeting:

  • Personal Data Protection Commission, Singapore (Host)
  • Office of the Australian Information Commissioner, Australia
  • Office of the Information and Privacy Commissioner for British Columbia, Canada
  • Office of the Privacy Commissioner of Canada
  • Privacy Commissioner for Personal Data, Hong Kong
  • Personal Information Protection Commission, Japan
  • Korea Internet and Security Agency
  • Korea Personal Information Protection Commission
  • Office for Personal Data Protection, Macao
  • National Institute for Transparency, Access to Information and Personal Data Protection, Mexico
  • Office of the Privacy Commissioner, New Zealand
  • Office of the Information Commissioner, Northern Territory
  • Federal Communications Commission, United States
  • Federal Trade Commission, United States
  • Office of the Commissioner for Privacy and Data Protection, Victoria, Australia

The following government organisations’ officials attended the meeting as observers:

  • Commission Nationale de I’Informatique et des Libertes
  • European Commission
  • European Data Protection Supervisor
  • National Control Commission for the Protection of Personal Data, Morocco
  • National Privacy Commission, Philippines