The 60th APPA Forum hosted by the Office of the Australian Information Commissioner, Sydney, Australia

The Office of the Australian Information Commissioner (OAIC) hosted the 60th Asia Pacific Privacy Authorities (APPA) forum from 30 November to 1 December 2023.

The forum was attended by 18 APPA members. A number of guests and observers were also in attendance from around the globe, including from data protection authorities and other international networks.

During the two-day forum, members, observers and guests shared and discussed a variety of common privacy issues, regulatory experiences, and enforcement challenges. Attendees also continued to build relationships, enhancing regulatory cooperation in the region.

The discussions focused on the following key themes:

  • Intersections between privacy and other regulatory spheres
  • Promoting trust in cross-border data flows
  • Protecting children’s privacy
  • Updates on and responses to recent significant data breaches
  • Biometrics regulation
  • Privacy protection in the Digital Age
  • Artificial intelligence.

APPA members acknowledged the need for proactive approaches to privacy regulation and shared strategies for enhancing collaboration and interjurisdictional cooperation.

The two-day meeting was divided into two sessions.

Day One

On day one, the 60th APPA Forum was opened by Angelene Falk, Australian Information Commissioner and Privacy Commissioner and agency head of the OAIC, who welcomed APPA members to Sydney and gave an overview of the agenda. This was followed by a traditional welcome to country from Yvonne Weldon AM. The opening formalities were concluded with the approval of the 59th APPA Forum’s meeting minutes.

The focus on Day one was on APPA’s standing agenda items.

The formal agenda began with presentations from APPA Working Group Reports with the Office for Personal Data Protection, Government of Macao Special Administrative Region, delivering the Communications Working Group Report; the Personal Data Protection Commission of Singapore highlighting efforts in the Technology Working Group Report to collectively advance the responsible use of data with the application of anonymisation; as well as the Office of the Privacy Commissioner New Zealand discussing the future of the Comparative Privacy Statistics Working Group Report.

This was followed by the group photo of attendees.

Members then presented their jurisdiction reports and gave updates on key privacy developments in their jurisdictions. Presenters were asked to outline developments in their jurisdiction from the last six months that may be of interest to the forum. These formed the basis of a moderated discussion at the meeting. Some of the topics discussed during the session included:

  • regulation of biometric technologies,
  • privacy protection in the digital age,
  • children’s privacy and keeping kids safe,
  • artificial intelligence governance policies and initiatives, and
  • deceptive design patterns.

After lunch, the afternoon session commenced with a panel discussion moderated by Sarah Ghali, Assistant Commissioner at the OAIC, on the intersections between privacy and other regulatory spheres. This panel focused on digital environments and explored the increased need for privacy regulators to facilitate information sharing, regulatory collaboration and cooperation. Panellists reflected on their practical experiences, as well as whether focusing on proactive or reactive collaboration strategies is more effective in their jurisdictions.

This was followed by three presentations:

  • To begin, the Office of the Privacy Commissioner New Zealand presented on Poupou Matatapu – Doing Privacy Well,
  • This was followed by a presentation by the Personal Information Protection Commission, Japan on promoting trust in cross-border data flows, which focused on the initiatives for trusted government access as an essential element to promote DFFT (Data Free Flow with Trust), and
  • The Office of the Privacy Commissioner of Canada then provided a presentation on updates in protecting children’s privacy.

Following these presentations, at a closed session for members only, the Governance Report from Office of the Information and Privacy Commissioner, British Columbia, Canada was delivered by Commissioner McEvoy, Chair of the APPA Governance Committee and Secretariat.

At the end of day one, the draft communique was discussed followed by closing remarks.

In the evening, the OAIC hosted a welcome dinner at the Australian National Maritime Museum which was attended by in-person attendees of the APPA Forum. Members received an address from the Chair of the Australian Competition and Consumer Commission, Gina Cass-Gottlieb, on the work of the Digital Platforms Regulators Forum.

Day Two

Day two was opened with a short introduction from Commissioner Falk.

Day two of the Forum then commenced with Global Privacy Update Reports (Network Reports) in which Networks were asked to discuss the following topics:

  • What are the most significant challenges and accomplishments they have encountered this year, and
  • How international cooperation has influenced the attainment of their objectives.

The following global privacy networks and organisations provided update reports:

  • Organisation for Economic Co-operation and Development
  • Ibero-American Network of Data Protection
  • Global Privacy Enforcement Network
  • Global Cross-Border Privacy Rules
  • Global Privacy Assembly
  • Global Privacy Assembly International Enforcement Cooperation Working Group
  • Global Privacy Assembly Data Protection and Other Rights and Freedoms Working Group
  • Global Privacy Assembly Global Frameworks and standards Working Group
  • Global Privacy Assembly Digital Citizen and Consumer Working Group

At the end of day two, the draft communique was approved for release, followed by closing remarks from the OAIC.

To end the proceedings, the announcement of the host of the 61st APPA Forum was made.

For the remainder of day two, APPA attendees had the option to attend an event titled ‘Cracking the AI Code: Insights, Privacy, and Industry Outlook’, which was held by the Centre for International Policy Leadership (CIPL) and explored topical issues such as artificial intelligence. The CIPL event was attended by representatives from industry, academia, privacy professionals, civil society, government and regulators.

Next meeting

It was agreed that the host and date of the 61st APPA Forum will be announced out of session.

60th APPA Forum attendees

  • Office of the Australian Information Commissioner
  • Office of the Information and Privacy Commissioner, British Columbia, Canada
  • Office of the Privacy Commissioner of Canada
  • Office of the Privacy Commissioner New Zealand
  • Office of the Privacy Commissioner for Personal Data, Hong Kong, China
  • Personal Information Protection Commission, Japan
  • Office for Personal Data Protection, Macao, China
  • National Privacy Commission, Philippines
  • Office of the Victorian Information Commissioner, Australia
  • National Institute for Transparency, Access to Information and Personal Data Protection, Mexico
  • Office of the Information Commissioner, Queensland, Australia
  • Personal Data Protection Commission of Singapore
  • National Authority of Data Protection of Peru
  • Office of the Victorian Information Commissioner, Victoria, Australia
  • Information and Privacy Commission, New South Wales, Australia
  • Office of the Information Commissioner, Northern Territory, Australia
  • Korea Internet & Security Agency
  • Federal Trade Commission, United States of America

60th APPA Forum observers and guests

  • Ministry of Communications and Informatics of the Republic of Indonesia
  • Authority for Info-communications Technology Industry of Brunei Darussalam
  • Information Commissioner’s Office, United Kingdom
  • Personal Data Protection Authority KVKK Türkiye
  • Organisation for Economic Co-operation and Development
  • Ibero-American Network of Data Protection
  • Global Privacy Enforcement Network
  • Global Cross-Border Privacy Rules
  • Global Privacy Assembly
  • Global Privacy Assembly International Enforcement Cooperation Working Group
  • Global Privacy Assembly Data Protection and Other Rights and Freedoms Working Group
  • Global Privacy Assembly Global Frameworks and standards Working Group
  • Global Privacy Assembly Digital Citizen and Consumer Working Group