Subscribe to LSNN Daily News


Enter your email address:

2022-12-15 16:15:09
Thursday 16:55:10
December 15 2022

OECD publishes agreement on government access to personal data

View 10.1K

words 1.2K read in 6 minutes, 2 Seconds

The Organisation of Economic Cooperation and Development ('OECD') announced, on 14 December 2022, the adoption of the OECD Declaration on Government Access to Personal Data Held by Private Sector Entities. In particular, the OECD highlighted that 38 countries and the EU signed up to the Declaration, which clarifies how national security and law enforcement agencies can access personal data under existing legal frameworks. Further, the Declaration notes the commitment to free data flows to promote confidence in individuals and businesses on cross-border data transfers.

More specifically, the OECD outlined that the Declaration rejects any approach by governments to access personal data which are inconsistent with democratic values and the rule of law. Furthermore, the Declaration sets out a range of principles under which governments may access personal data held by organisations. These include, the Declaration details:

  • legal basis: legal frameworks which set out the purposes, conditions, limitations, and safeguards concerning access, such that individuals have sufficient guarantees against the risk of misuse and abuse;
  • legitimate aims: governments seek access only for specified and legitimate aims, and do not seek personal data for the purpose of suppressing or burdening criticism or dissent, or disadvantaging persons or groups solely on the basis of particular characteristics;
  • approvals: prior approval requirements for government access to personal data to ensure access is conducted in accordance with standards, rules, and processes, and that stricter approval requirements are put in place for serious interference, while decisions should also be documented;
  • data handling: personal data access should only be handled by authorised personnel, and internal controls and requirements used to prevent loss or unauthorised access;
  • transparency: ensuring that the general legal framework for government access is clear and easily accessible, and that mechanisms exist to provide transparency about government access, with such mechanisms including public reporting by oversight bodies on compliance with such requirements;
  • oversight: ensuring effective and impartial oversight for compliance with the legal framework, including internal compliance offices, courts, and parliamentary or legislative committees; and

  • redress: ensuring individuals have effective judicial and non-judicial redress to identify and remedy violations of the national legal framework, taking into account the need to preserve the confidentiality of national security and law enforcement activities.

/ dataguidance

Landmark agreement adopted on safeguarding privacy in law enforcement and national security data access

OECD countries today adopted the first intergovernmental agreement on common approaches to safeguarding privacy and other human rights and freedoms when accessing personal data for national security and law enforcement purposes.

The OECD Declaration on Government Access to Personal Data Held by Private Sector Entities seeks to improve trust in cross-border data flows – which are central to the digital transformation of the global economy – by clarifying how national security and law enforcement agencies can access personal data under existing legal frameworks. It marks a major political commitment by the 38 OECD countries and the European Union that signed up to it during the OECD’s 2022 Digital Economy Ministerial Meeting. The Declaration is also open for adherence by other countries.

“Being able to transfer data across borders is fundamental in this digital era for everything from social media use to international trade and cooperation on global health issues. Yet, without common principles and safeguards, the sharing of personal data across jurisdictions raises privacy concerns, particularly in sensitive areas like national security,” OECD Secretary-General Mathias Cormann said, launching the Declaration during the OECD Digital Economy Ministerial Meeting. “Today’s landmark agreement formally recognises that OECD countries uphold common standards and safeguards. It will help to enable flows of data between rule-of-law democracies, with the safeguards needed for individuals’ trust in the digital economy and mutual trust among governments regarding the personal data of their citizens.”

The Declaration, which rejects any approach to government access to personal data inconsistent with democratic values and the rule of law, is the result of two years of work by the OECD with a group of country experts in data protection, national security, and law enforcement. The project stemmed from growing concerns that the absence of common principles in the sensitive domains of law enforcement and national security could lead to undue restrictions on data flows. Another motivating factor is a desire to increase trust among rule-of-law democratic systems that, while not identical, share significant commonalities.

The Declaration complements the OECD Privacy Guidelines, one of the OECD’s flagship achievements dating back to 1980 and the basis of many countries’ privacy rules. Last updated in 2013, the Privacy Guidelines provide a common reference point for the protection of personal data and aim to facilitate cross-border data flows while upholding democratic values, the rule of law and the protection of privacy and other rights and freedoms. Crucially, however, they allow for exceptions for national security and law enforcement purposes. This new Declaration articulates a set of shared principles that reflect commonalities drawn from OECD members’ existing laws and practices and complement each other in protecting privacy and other human rights and freedoms.

The principles set out how legal frameworks regulate government access; the legal standards applied when access is sought; how access is approved, and how the resulting data is handled; as well as efforts by countries to provide transparency to the public. They also tackle some of the thornier issues – such as oversight and redress – that have proved challenging to policy discussions for many years. (See the full official text.)

The Declaration on Government Access is an important milestone in the OECD’s work to support countries in promoting trust in cross-border data flows. The Declaration complements the OECD’s Going Digital project, which in its current and third phase focuses on data governance for growth and well-being and offers evidence-based solutions to critical data governance challenges that countries face. Deliverables from this phase of the project, concluded at the Ministerial Meeting, include the Going Digital Guide to Data Governance Policy Making and the report Going Digital to Advance Data Governance for Growth and Well-being.

See more on the 2022 OECD Digital Economy Ministerial Meeting.

For further information, journalists are invited to contact Catherine Bremer in the OECD Media Office (+33 1 45 24 80 97).

Working with over 100 countries, the OECD is a global policy forum that promotes policies to preserve individual liberty and improve the economic and social well-being of people around the world.

Also Available

Declaration on Government Access to Personal Data held by Private Sector Entities / Science and Technology

WE THE MINISTERS AND REPRESENTATIVES OF Australia, Austria, Belgium, Canada, Chile, Colombia, Costa Rica, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Israel, Italy, Japan, Korea, Latvia, Lithuania, Luxembourg, Mexico, the Netherlands, New Zealand, Norway, Poland, Portugal, the Slovak Republic, Slovenia, Spain, Sweden, Switzerland, Türkiye, the United Kingdom, the United States, and the European Union, met in the Island of Gran Canaria in Spain, on 14-15 December 2022, under the leadership of Spain as Ministerial Chair and with Denmark, Japan, Türkiye, the United Kingdom and the United States as Vice-Chairs, for the meeting of the Committee on Digital Economy Policy (CDEP) at Ministerial level under the theme “driving long-term recovery and economic growth by building a trusted, sustainable, and inclusive digital future”. See the full official... Declaration

Source by Redazione

Articles Similar / OECD pub...onal data
placeholder from: ladysilvia
by: Redazione