Galexia

Benchmarks for Global Privacy Standards (November 2009)

4.4. Benchmark 4 – Meaningful Enforcement

Protection of privacy rights requires the presence and appropriate use of meaningful enforcement powers.

A Global Privacy Standard should promote privacy protection that meets the following criteria:

1. Privacy protection should include appropriate enforcement powers for regulators, with sufficient strength to act as a deterrent to organisations.

2. Privacy protection should include a commitment by regulators to actually use these enforcement powers in appropriate circumstances. There may be a general discretion for regulators to conciliate disputes and issue warnings, but they must ultimately be willing to use enforcement powers for serious or repeat infringements of privacy rights.

3. Privacy protection should include the ability for individuals and regulators to prevent harm, for example through seeking injunctions or issuing compliance notices. Injunctions and compliance notices are particularly useful in the privacy arena, as they may assist in preventing harm. Once personal information is disclosed it can be difficult to repair the damage using other sanctions and remedies.

4. Privacy protection should include a hierarchy of sanctions and remedies, so that the sanction or remedy applied is appropriate for the harm suffered. Sanctions and remedies may include an apology, deletion of data, correction of data, corrective advertising, changes to policies and procedures, remedial training, financial compensation, fines, publication etc.

5. Privacy protection should include the right for an aggrieved individual to seek a determination by a regulator, including the publication of written reasons for the regulator’s decision.[10]

6. Protection of privacy rights requires transparency of enforcement, in the interests both of complainants and those being regulated, and to affect the behaviour of both. Transparency requires the statistical reporting of complaints and the regular publication of case studies. Serious complaints should always be the subject of a public report.[11]


[10] This requirement is intended to address a weakness in many jurisdictions where the regulator can choose not to investigate a complaint, with no further recourse for the complainant.

[11] For more detailed discussion of transparency, see: Greenleaf G, Reporting Privacy Complaints (2002) Privacy Law and Policy Reporter 41-48, 74-79 and 111-115. Professor Greenleaf has proposed that Transparency of Enforcement should be developed as a stand-alone benchmark.