On this page:
- 02/11/2016 » Asia Pacific Privacy Authorities welcome new member Philippines
- 29/06/2016 » Asia Pacific Privacy Authorities welcome new member Japan
- 05/05/2014 » World leading online privacy law library gets big increase in capacity
- 06/12/2011 » People care about privacy on social networking sites: Survey by international privacy commissioners
Statements of common administrative practice
- Case Note Citation
- Case Note Dissemination
- Recommended Common Core Questions for Community attitude surveys
Statement of Objectives
Meeting in Auckland, on 6 December 2010, the Asia Pacific Privacy Authorities Forum resolved as follows:
- Privacy is a matter of growing international concern;
- Information networks closely connect people and organisations in our various economies regardless of physical borders and differing laws;
- Governments and business expect regulators to strive for efficient and effective solutions and that best practice requires privacy authorities to be aware of what similar regulators are doing;
- Privacy issues can emerge in one jurisdiction before others and that privacy authorities can benefit from an advanced warning system;
- Privacy authorities are increasingly being called upon to contribute to solutions to privacy breaches or policy challenges, that cross borders;
- There is limited specialised privacy resource in any one jurisdiction and that privacy authorities benefit from reaching abroad for information, inspiration and assistance;
- Participants in the forum will benefit from cooperation in information privacy knowledge sharing and technical resources;
- Endorsement of the APEC Privacy Framework in 2004 has provided a regional restatement of the importance of privacy and maintaining information flows;
- Adoption of the OECD Recommendation on Cross-border Co-operation in the Enforcement of Laws Protecting Privacy in 2007 and the commencement of the APEC Cooperation Arrangement for Cross-border Privacy Enforcement (CPEA) in 2010 have re-emphasised the need for regional cooperative arrangements.
Therefore we resolve to:
- Continue the cooperative arrangements established in 1992 and encourage further participation from within the region
- maintain constructive relations with complementary networks including the International Conference of Data Protection and Privacy Commissioners, the APEC CPEA and the Global Privacy Enforcement Network.
And further resolve through the Forum to:
- Facilitate sharing knowledge and resources between privacy authorities in the region
- Foster cooperation in privacy and data protection
- Jointly promote privacy awareness activities
- Promote best practice amongst privacy authorities
- Work to continuously improve our regulatory performance
- Support efforts to improve cross-border cooperation in privacy enforcement.
Office of the Australian Information Commissioner, Privacy Commissioner of New Zealand, Privacy Commissioner for Personal Data, Hong Kong, China, Privacy Commissioner of New South Wales, Australia, Privacy Commissioner of Victoria, Australia, Information Commissioner of Northern Territory, Australia, Korea Internet & Security Agency, Information and Privacy Commissioner of British Columbia, Canada, Privacy Commissioner of Canada, Federal Trade Commission, United States of America, Federal Institute for Access to Information and Data Protection, Mexico, Office for Personal Data Protection, Macao, China, Personal Information Protection Commission, Korea, Federal Communications Commission, United States.
APPA Secondment Framework
Secondments offer an excellent opportunity to foster collaboration between APPA members and promote best practice in the field of privacy and data protection. They can also help to improve the performance of individual staff members and of the privacy authorities they work for.
For this reason, APPA has adopted the APPA Secondment Framework. This framework provides advice on how to set up a successful secondment.
Use of APPA logo
APPA members are encouraged to use the APPA logo on their authority’s website to identify the authority as an APPA member and to promote awareness of the APPA forum. If you are considering using the APPA logo, please refer to the Use of APPA Logo policy. This policy outlines how the APPA logo may be used.
Community attitudes to privacy surveys
A number of APPA member authorities conduct community attitudes to privacy surveys. For example:
- the Office of the Privacy Commissioner, New Zealand privacy surveys
- the Office of the Australian Information Commissioner Community Attitudes to Privacy survey.
Comparative privacy statistics
At the 41st APPA Meeting (Seoul, 17–18 June 2014), the APPA forum adopted a Statement of Common Administrative Practice on Recommended Common Core Questions for Community Attitude Surveys. The statement provides that:
- where member authorities undertake community attitude surveys they should include the two common questions (set out in the statement’s schedule), and
- the APPA Secretariat will make statistics on responses to the two common questions publicly available, and eventually calculate and publish regional ‘benchmark’ figures.
The APPA Secretariat will publish statistics on responses to the common questions as they become available.
The Asia Pacific Privacy Authorities Forum established the following funding arrangement at the 41st meeting in Seoul. The funding arrangement was revised at the 44th meeting in Macao; the changes include:
- the currency for the levy was changed from Australian dollars to Canadian dollars, to reflect the location of the APPA Secretariat
- the amount for the levy was increased from $1,000 to $2,000 for the standard levy and from $666 to $1,000 for the reduced levy.
- From 2014, each APPA member authority will pay an annual membership levy (“the levy”) to establish an APPA fund for that year (“the fund”). The APPA Secretariat will collect, hold and disburse the proceeds of the fund. APPA members must pay those levies to continue to be considered APPA members, to participate in APPA activities, to attend APPA meetings or to receive disbursements from the fund.
- The levy payable to a member is either the “standard levy” or the “reduced levy” (one half of the standard levy).
- Levies will be set in the currency of the country in which the Secretariat is based. The amounts given in this paper are in Australian dollars. As the APPA Secretariat position is currently held by the Office of the Information and Privacy Commissioner, British Columbia, the levy is now in Canadian dollars.
- The standard levy for 2014 is $2000 but may be adjusted by APPA for future years. The standard levy applies to all members unless the reduced levy applies under clause 5.
- The reduced levy is $1000 but may be adjusted by APPA for future years. The reduced levy is payable by:
- A very small authority, being an authority with an annual budget of less than $750,000 or fewer than seven staff (full time equivalents);
- An authority based in an economy on the United Nations list of least developed countries (LDCs).
- The fund consists of all monies derived from levies in a particular year. The Secretariat will account annually to the APPA members regarding the collection, holding and disbursement of the fund.
- The Secretariat may disburse the funds once levies have been collected and the fund size is known. The funds will be disbursed during the year in three equal payments being:
- Four sixths to the Secretariat;
- One sixth to the host of the first APPA meeting for the year;
- One sixth for the host of the second APPA meeting of the year.
- An APPA member may enter an arrangement to extend the period for the payment of the annual membership levy. The arrangement must be entered into within 60 days of the Secretariat notifying the APPA member that the APPA membership levy is payable. The period for payment of the levy may be extended up to 120 days of receipt of the invoice for the payment of the levy. The Secretariat must take steps to accommodate all reasonable requests for such an arrangement.
- APPA membership will be discontinued, if:
- An APPA member fails to enter an arrangement to extend the period for the payment of the levy within 60 days of the Secretariat notifying the APPA member that the APPA membership levy is payable; or
- An APPA member fails to pay the APPA membership levy within 120 days of receiving an invoice for the payment of the levy. The Secretariat must provide at least one reminder within this period.
- Matters of administration not otherwise dealt with explicitly in this Arrangement are to be determined by the Secretariat. Examples include the manner in which levies are notified and facilities for payment.
- The Arrangement is to operate on a calendar year basis. Levies are to be requested before or at the beginning of the year and to be paid by a deadline set by the Secretariat.
- An authority joining APPA after the deadline for payment levies will not be levied for that year. Such a member will not be entitled to receive any disbursement from the fund in relation to that year.
- The fund will usually be disbursed within the year it is created. However, in extraordinary circumstances some monies may remain (for example, if a meeting is abandoned, or if a meeting is hosted by a new member that has not paid any levies). In such cases, the Secretariat will recommend to APPA how surplus monies be dealt with (e.g. by reduction in the following year’s levies).
- The Secretariat will require evidence of a member’s status as a very small authority to support the reduced levy. The Secretariat may obtain that evidence from publicly available sources or require a member to furnish supporting information. Supporting evidence of a country’s LDC status is not required as the Secretariat will take notice of any official LDC listing on a UN website.
- In assessing whether a member is a very small authority regard will be had to the authority’s entire staffing and entire budget. Staffing will include, for example, a commissioner. In offices with combined functions, for example privacy authorities also performing general access review roles, no subdivision of staff or budget into functional units is allowed — it is the organisation’s entire size that is to be considered.
- It is not expected that interest accruing on the fund, if any, will amount to more than a trivial amount. Any interest earned may be kept by the Secretariat.
- While the Secretariat will account to APPA for the levies collected for the fund and the three disbursements, the Secretariat need not further account for how those funds are used. Hosts need not account to APPA for how they use the funds allocated to them.
- The Secretariat will schedule a review after the arrangements have been in place for three years (i.e. in 2017), or earlier if warranted. Without limit, such a review should:
- Consider whether the Arrangement should continue and, if so, whether it should be modified;
- Assess how well the Arrangement met the objectives of being fair, affordable, simple, equitable and empowering; and
- Consider whether the level and thresholds for the reduced levy remain appropriate.
In the event that two authorities serve as Secretariat during the year, the portion of the fund due to the Secretariat will be shared evenly between the two authorities (or may be divided in such other shares as agreed between those authorities).
This resource aims to provide a general factsheet to Asia Pacific Privacy Authorities (APPA) members, in order to understand the basic requirements included in the EU General Data Protection Regulation (GDPR). APPA members can then use this document to develop their own guidance to assist their businesses and other organizations processing the personal data of European individuals in complying with the GDPR.