4

專題報道

COVER STORY

PCPD News

私隱專員公署通訊

•

Issue no. 31

Mr Timothy Pilgrim

澳洲資訊專員公署私隱專員

Privacy Commissioner of

the Office of the Australian

Information Commissioner

Ms Edith Ramirez

美國聯邦貿易委員會主席

Chairwoman of the US Federal

Trade Commission (“FTC”)

我會繼續促請美國國會訂立全面的私隱及資料保安法例，我認為企業亦至少應採取下述

三個步驟（以在大數據世紀保障消費者的私隱）：

首先，所有參與大數據生命周期的企業必須致力向消費者提供透明度及選擇。這包括收

集、編纂、匯集及分析數據的公司，以及使用大數據的公司。其次，企業必須採取合

理步驟，保障消費者的個人資料；實施有效的資料保安，亦十分重要。最後，企業必須

負責任地使用大數據，不要對弱勢人士造成歧視或不利影響。

I will continue to urge our Congress to enact comprehensive privacy and data security

legislation. I also believe businesses should take at least the following three steps (to

protect consumer privacy in the era of big data):

First, all entities that have a role in the big data life cycle must step up their efforts

to provide consumers with transparency and choice. This includes the entities

that collect, compile, consolidate, and analyse data, and the entities that use big

data. Second, companies need to take reasonable steps to safeguard consumers’

personal information. The importance of implementing reasonable data security

cannot be overstated. Finally, businesses must use big data responsibly, in ways

that do not discriminate against or adversely affect vulnerable populations.

機構在使用新科技時需要承諾保障私隱。這同樣適用於大數據，因為我們不斷聽到，大

數據是大生意。我們亦需要聽到，保障私隱是大數據業務計劃的一部分。

鼓勵機構在目前的私隱框架內，考慮加強問責，這是重要及有用的。

在澳洲，我們正把重點轉向私隱問責及管治。為了支援機構，我們已推出私隱管理藍

圖，因為穩健有效的私隱管理藍圖有助發展新科技及活動，例如大數據，可以循保障私

隱方向發展。

健全的私隱管治亦可減低資料外洩的風險。即使發生事故，亦可妥善處理。這在大數據

世紀，尤其重要。

Organisations need to commit to getting privacy right when using new technology.

And this makes sense for big data because, as we keep hearing, big data is big

business. What we also need to hear is that getting privacy right is part of the big data

business plan.”

Encouraging organisations to consider the existing privacy framework with a greater

accountability lens is valuable.

In Australia, we are now turning our attention to privacy accountability and

governance. To support organisations, we have launched a Privacy Management

Framework, because having a strong and effective privacy governance framework in

place will help guide the development of new technologies and activities, like big

data, in a privacy friendly way.

Robust privacy governance also minimises the risk of data breaches occurring, or

enables them to be managed appropriately if they do occur. This is particularly

important in the era of big data.

經驗之談

Experience Sharing