Common administrative practices
On this page:
Case Note Citation
24th APPA meeting, Melbourne, Australia, 17 November 2005
This statement outlines agreed elements of a system for citing reports of complaints handled by privacy authorities. The citation system seeks to maximise the collective regional benefits of individual report series published by particular privacy authorities by making it easier to clearly identify and refer to reported cases.
Special terms used:
"Case note" is intended to encompass any report outlining the outcome of an investigation, conciliation or determination of a complaint that is contained in a series of reports released by a privacy authority.
Graham Greenleaf, "Reporting Privacy Complaints Part 1: A Proposal for Systematic Reporting of Complaints in Asia-Pacific Jurisdictions" 9/3 Privacy Law & Policy Reporter 41-48, available online at http://www.austlii.edu.au/
Statement on citation of case notes
Many privacy authorities issue instructive case notes on a selection of complaints that have been handled. It is desirable that all those who wish to refer to a case note can do so by an official citation that unambiguously refers to the same note and has an accepted designator for the privacy authority or other body publishing the report.
APPA particularly wishes to encourage good citation systems given the clear benefit to privacy authorities in the region in the ability to cite reports from other offices. Others engaged in interpreting and applying privacy law will similarly benefit.
It is agreed that all case notes should be issued with a citation including the following elements:
- A descriptor of the case
- The year of publication
- A standard abbreviation for the privacy authority
- A sequential number.
Some variety exists in case descriptors currently used by privacy authorities in the region. This diversity is compatible with this statement of common administrative practice. Current approaches include:
- Australia and Victoria: reference to complainant by letter of the alphabet and respondent through a general description (e.g. J v Superannuation Provider  PrivCmrA 7)
- New South Wales: reference to complainant by letters followed by respondent department's name (e.g. KJ v Wentworth Area Health Service  NSWPrivCmr 7) New Zealand, Korea and Hong Kong: a short generalised characterisation of the complaint (e.g. Mobile telecom company provided the details of telephone conversation of a customer to a third party without her consent  KRPIDMC 4);
- New Zealand and Hong Kong citations add an internal reference number e.g. Man upset that employer disclosed epilepsy to other employees (Case Note 16723)  NZPrivCmr 11).
The year of the note appears in brackets, followed by the abbreviation of the issuing authority and the sequential case note number.
The following abbreviations have been adopted for APPA participants:
- HKPrivCmr — Hong Kong Privacy Commissioner for Personal Data
- KRPIDMC — Korean Personal Information Dispute Mediation Committee
- NSWPrivCmr — New South Wales Privacy Commissioner
- NTICmr — Northern Territory Information Commissioner
- NZPrivCmr — New Zealand Privacy Commissioner
- PrivCmrA — Privacy Commissioner of Australia (changed on 1 November 2010 to AICmrCN — Office of the Australian Information Commissioner)
- VPrivCmr — Victorian Privacy Commissioner
Case Note Dissemination
26th APPA meeting, Hong Kong, 9 November 2006
This statement outlines recommended steps for disseminating privacy case notes. These steps seek to maximise the collective regional benefits of individual case note series published by particular privacy authorities by making it easy to obtain case notes on-line and by facilitating re-publication.
Special terms used:
'Case note' encompasses any report outlining the outcome of an investigation, conciliation or determination of a complaint that is contained in a series of reports released by a privacy authority.
APPA Statement of Common Administrative Practice on Case Note Citation adopted at the 24th Meeting, Melbourne, Australia, 17 May 2005.
Statement on dissemination of case notes
Many privacy authorities issue instructive case notes on a selection of complaints that have been handled in their jurisdiction.
Privacy authorities disseminate their case notes domestically in a variety of ways depending upon their priorities, budget and target audiences. For instance, some:
- maintain a distribution list to which printed copies of case notes are mailed
- reprint the text of case notes in annual reports
- publicise summaries in newsletters
- post case notes on their own website
- distribute electronic copies through RSS feeds or email subscription lists
- cooperate in re-publication by local legal publishers
- periodically publish indexed compilations.
APPA actively encourages privacy authorities to make their case notes widely available to increase comparative knowledge and stimulate research and debate.
This statement is focused upon steps that facilitate the dissemination or availability of case notes throughout the region.
APPA encourages privacy authorities:
- to cooperate with third party publishers who wish to re-publish their case notes, and
- to make their case notes available, in an electronic form suitable for re-publication, to a recognised regional consolidated point of access.
Third party publishers
APPA recognises that third party publishers can enable case notes to be made more widely available to the public, specialist bodies, professional advisers and researchers.
Privacy authorities should facilitate re-publication of case notes by third party publishers. This should be done by giving a general licence for re-publication of their case notes with proper acknowledgement.
The general licence can be made subject to revocation if inappropriate (e.g. salacious) use is made.
The general licence should be included within the usual copyright notice posted on each privacy authority's website.
Consolidated point of access
APPA sees considerable value in having a consolidated point of access for case notes. An access point now exists in the World Legal Information Institute's Privacy Law Library. The single point of access brings a variety of benefits including the ability to search across a range of case note series from within and beyond the region.
Privacy authorities should supply electronic case notes to WorldLII at the same time as they distribute the case notes in the ordinary way or as soon as reasonably practicable after that.
Recommended Common Core Questions for Community attitude surveys
41st APPA Meeting, Seoul, 17-18 June 2014
This statement specifies questions that are recommended for inclusion in community attitude surveys undertaken by APPA member authorities. Use of these common questions will benefit member authorities individually and collectively by enabling meaningful cross jurisdictional comparisons. Over time the resulting data may enable the development of regional benchmarks that could be useful in planning and performance monitoring.
This note relates only to surveys of individuals (i.e. community attitude surveys) and not to surveys of organisations.
The 25th APPA meeting set up the Asia Pacific Comparative Privacy Statistics Project to:
- share knowledge of best statistical practices amongst APPA members;
- promote standardisation in statistical practices so as to facilitate comparisons;
- enable answers to be given to important questions; and
- establish regional statistics and benchmarks.
Earlier projects have included a baseline survey (2006) and an external reference group review of the published statistics of member authorities (2007). The 40th APPA meeting (2013) resolved to develop common core survey questions.
Other useful references: The OECD Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data (2013) recommend that “countries should encourage the development of internationally comparable metrics to inform the policy making process related to privacy and transborder flows of personal data”.
Statement on common core questions in surveys:
Many privacy enforcement authorities periodically undertake community attitude surveys. While the scope of these surveys may change from year to year there is a core set of questions that are similar across economies and over time. This core area concerns such matters as public awareness of the privacy law and the enforcement authority. Authorities survey these topics as the answers are useful for planning and in measuring performance. Informed citizens and consumers who are aware of the existence of privacy law or the authority responsible for enforcement are in a position to exercise their privacy rights.
Statistics on community awareness levels and attitudes need to be set in context by comparison with other statistics such the levels recorded in another time or place. To be comparable the other statistics should be generated by asking the same question.
APPA has determined that there will be individual benefit to member authorities, and collective benefit to all APPA members, if the survey results gathered in the core area were to be comparable across jurisdictions. Accordingly, where member authorities undertake community attitude surveys APPA recommends that the questions set out in the schedule be used.
APPA further recommends that member authorities that use these survey questions deposit a copy of the results of these questions with the APPA Secretariat together with details of the survey methodology used and the margin of error. This will facilitate comparison.
Notes in relation to the use of the common questions:
- Some departure from the recommended text is permissible so long as the altered question is sufficiently similar to be directly comparable.
- The APPA Secretariat will take steps to make the statistics deposited with it available to members and the public. Where sufficient results are available the Secretariat may develop presentations of the statistics that compare the figures and plot trends.
- Where sufficient comparable results have been deposited, the Secretariat will calculate and publish regional ‘benchmark’ figures. To ensure comparability the Secretariat will generally only include results within a margin of error of ±4%. At suitable intervals the Secretariat will update the benchmarks to incorporate new data. Authorities are free to use these benchmark figures as targets for internal or external reporting purposes.
Schedule: Recommended common core survey questions
|Description of question||Text of question|
|Prompted: Awareness of privacy law||Are you aware of the [name of privacy law]?|
|Prompted: Awareness of privacy enforcement authority||Have you heard of the [name of privacy enforcement authority]?|
APPA may from time to time adopt additional recommended common core survey questions
|Description of question||Text of question||Result — Yes||Result — No||Result — Unsure|
|Prompted: Awareness of privacy law||Are you aware of the Privacy Act?||65%||33%||2%|
|Prompted: Awareness of privacy enforcement authority||Have you heard of the Privacy Commissioner?||77%||19%||4%|
|Description of question||Text of question||Result — Yes||Result — No|
|Prompted: Awareness of privacy law||Are you aware of the Freedom of Information and Protection of Privacy Act (also referred to as FOIPPA or FIPPA)?||62%||38%|
|Are you aware of the Personal Information Protection Act (also referred to as PIPA)?||43%||57%|
|Prompted: Awareness of privacy enforcement authority||Before today, had you heard of the Office of the Information and Privacy Commissioner of BC?||50%||50%|
|Description of question||Text of question||Result — Yes||Result — No||Result — Unsure|
|Prompted: Awareness of privacy law||Were you aware that an Australian Government Privacy Commissioner exists to uphold privacy laws and to investigate complaints concerning the misuse of personal information?||47%||45%||8%|