Date: 8 December 2016
Privacy Commissioner Attends the 46th Asia-Pacific Privacy Authorities Forum in Manzanillo, Mexico
(8 December 2016) The Privacy Commissioner for Personal Data, Hong Kong (“Privacy Commissioner”) Mr Stephen Kai-yi WONG attended the
46th Asia-Pacific Privacy Authorities (APPA) Forum in Manzanillo, Mexico on 30 November to 2 December 2016. He was invited to be the moderator of a panel discussion at the Forum to talk about the characteristics and advantages of self-regulations, and explore the means to encourage small and medium enterprises to adopt self-regulation on personal data protection.
The 46th APPA Forum was hosted by the National Institute for Transparency, Access to Information and Personal Data Protection (INAI), Mexico. It brought together
APPA member authorities, APPA observers, data protection authorities from other regions of the world, civil societies of the APEC region, Mexican government officials, as well as other privacy experts and practitioners from related businesses and professional bodies to discuss a variety of current privacy issues, highlighting the importance of international enforcement cooperation in light of increasing cross-border data transfers.
During the pre-conference of the Forum on 30 November, of which 300 people attended, the Privacy Commissioner was invited as the moderator of the panel discussion themed “Self-regulation schemes: How to scale up or render applicable self-regulation schemes on data protection to small and medium-sized enterprises?”. Panellists of this session included the representatives from the Office of the Information and Privacy Commissioner for British Columbia, the Mexican Government, the Federal Trade Commission of the US and the Information Accountability Foundation of the US.
The Privacy Commissioner also gave a presentation on “Self-regulation in Hong Kong”. He highlighted the example of self-regulation by the newspaper industry in Hong Kong, and introduced the Privacy Management Programme (PMP) launched by the Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD), which provides a framework for the self-regulation by individual organisations.
In the concluding remark, the Privacy Commissioner pointed out that with self-regulation businesses and organisations / companies can maintain their own control in accordance with laws and guidance over the assessment processes, dispute resolution procedures, as well as the amendments and enhancement of their work practices in view of the challenges and difficulties they encounter.
Mr Wong said self-regulation has been held in high regard by the industry and is more flexible in responding to changes. Effective self-regulation can help businesses and organisations / companies in regulatory compliance and avoid reputational damage. With self-regulation, businesses and organisations / companies are more likely to live up to the standards and best practices established by themselves, and eventually gain the trust from the data subjects such as consumers.
He also pointed out that there is no conflict between self-regulation and regulatory compliance. Instead, through self-regulation, organisations, especially the small and medium enterprises, are more willing to comply with the legal requirements and to embrace personal data protection. The PCPD has covered the related topics in its PMP, and issued code of practices and Best Practice Guide on issues concerned in a timely manner.
During the day, the Privacy Commissioner also gave a presentation about Hong Kong to promote the
39th International Conference of Data Protection and Privacy Commissioners (ICDPPC) to be held in Hong Kong on 25 to 29 September, 2017. He was also interviewed by local media, introducing current development of personal data protection in Hong Kong.
The Privacy Commissioner also attended the members-only session and closed session of the Forum on 1 and 2 December 2016. During the members-only session, topics on regulatory oversight and enforcement; national security, surveillance and disclosures to law enforcement; legal reforms; digital disruption; stakeholder engagement; privacy awareness and compliance, as well as innovative education and outreach strategies were discussed. As the Chairperson of the Technology Working Group of the APPA, the Privacy Commissioner reported the Group’s progress in exploring the Common or Baseline Security Measures.
The members-only session was followed by a closed session that was attended by APPA members and invited observers. Discussion in this session focused on the European Union’s General Data Protection Regulation, the mechanism of information sharing on investigations, as well as privacy and consent. Members also heard about the global privacy updates and developments, including the perspectives from the ICDPPC, the Global Privacy Enforcement Network and the Ibero-American Data Protection Network. Topics on de-identification and shared information on how privacy and data protection authorities can measure complainant / respondent satisfaction were also discussed.
– END –
Photos:
1. The Privacy Commissioner for Personal Data, Hong Kong, Mr Stephen Kai-yi WONG (middle) was invited as the moderator of the panel discussion on self-regulation schemes.
2. The Privacy Commissioner gave a presentation on “Self-regulation in Hong Kong” and introduced the Privacy Management Programme launched by the PCPD.
3. The Privacy Commissioner was interviewed by local media in Mexico, introducing current development of personal data protection in Hong Kong.