1 Allan Chiang, S.B.S. Privacy Commissioner for Personal Data 8 July 2013 Asian Privacy Scholars Network Conference Balance between Access to Public Domain.

Slides:



Advertisements
Similar presentations
PRIVACY ACT OF 1974 OVERVIEW. FAIR INFORMATION PRACTICES The Privacy Act is primarily concerned with fair information practices. The Privacy Act is primarily.
Advertisements

Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.
IMPS Information Management and Policy Services Information Services Directorate A briefing for all University staff November 2004 New Information Legislation.
Data Protection Information Management / Jody McKenzie.
BIOMETRICS, CCTV & DATA PROTECTION By Drudeisha Madhub Data Protection Commissioner Date:
Unified Carrier Registration (UCR) Update August 24, 2006.
Brokering Requirements for the Firearms Industry July Export Control Services.
Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology
Hong Kong Privacy Code on Human Resource Management
Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.
The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.
2 H. Westley Clark, M.D., J.D., M.P.H., CAS, FASAM Director Center for Substance Abuse Treatment Substance Abuse Mental Health Services Administration.
Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.
Data Protection: The Law. EU & Irish Legislation Data Protection Directive 95/46/EC Electronic Privacy Directive 2002/58/EC EUROPOL etc Data Protection.
Data Protection Overview
The Data Protection Act
Protecting information rights –­ advancing information policy Privacy law reform for APP entities (organisations)
THE PERSONAL DATA PROTECTION ACT 2010: ISSUES & IMPLICATIONS
1 Introduction to the Personal Data (Privacy) Ordinance.
Regulation of Personal Information Daniel Pettitt, Leon Sewell and Matthew Pallot.
Ukrainian Bar Association Cyprus Companies September 2009 Presentation during 2009 UBA Conference, Limassol, Cyprus Use of Jurisdictions for structuring.
Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.
Data Protection and You Your Rights & The Law Registration Basics Other Activities Disclaimer: This presentation only provides an introductory info. Please.
1 Freedom of Information (Scotland) Act 2002 A strategic view.
MINISTRY FOR RURAL AFFAIRS AND THE ENVIRONMENT MINISTER PERMANENT SECRETARY MALTA ENVIRONMENT & PLANNING AUTHORITY (MEPA) DIRECTOR GENERAL (AGRICULTURAL.
The Eighth Asian Bioethics Conference Biotechnology, Culture, and Human Values in Asia and Beyond Confidentiality and Genetic data: Ethical and Legal Rights.
FERPA: What you Need to Know The Family Educational Rights and Privacy Act & SEI.
The FPP Test What you (or your students) need to know Flight Training Division Presentation AIA Aviation Week Conference July 2011.
Data Protection Act AS Module Heathcote Ch. 12.
IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.
Calloway County Schools CONFIDENTIALITY TRAINING Protection of Personal Information School Year
Processing personal health data: the regulator’s perspective Ken Macdonald Assistant Commissioner Information Commissioner’s Office.
The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;
Why the Data Protection Act was brought in  The 1998 Data Protection Act was passed by Parliament to control the way information is handled and to give.
BTEC ICT Legal Issues Data Protection Act (1998) Computer Misuse Act (1990) Freedom of Information Act (2000)
PRESENTATION TO THE NCOP ON THE CONVENTION ON INTERNATIONAL INTERESTS IN MOBILE EQUIPMENT BILL, MARCH 2007.
1 CONFIDENTIALITY. 2 Requirement Under IDEA 34 CFR Sec (c) All staff collecting or using personally identifiable information in public education.
Do Not Call Register scheme Peter Sutton Manager Do Not Call Taskforce International Training Program 12 September 2006.
IM NETWORK MEETING 20 TH JULY, 2010 CONSULTATION WITH 3 RD PARTIES.
‘Linkage’ & other TRIPS+ provisions: a public health perspective Karin Timmermans World Health Organization Seminar “Data exclusivity and patent Bangkok.
PROTECTION OF PERSONAL DATA. OECD GUIDELINES: BASIC PRINCIPLES OF NATIONAL APPLICATION Collection Limitation Principle There should be limits to the collection.
ARC 807: Professional Practice and Procedure Department of Architecture, Federal University of Technology, Akure, Nigeria ARC 807: Professional Practice.
When Can You Redact Information Without Requesting an Attorney General Decision? Karen Hattaway Assistant Attorney General Open Records Division Views.
An Introduction to the Privacy Act Privacy Act 1993 Promotes and protects individual privacy Is concerned with the privacy of information about people.
Human Rights Act, Privacy in the context of auditing Phil Huggins Chief Technologist, IRM PLC
APEC Privacy Framework “The lack of consumer trust and confidence in the privacy and security of online transactions and information networks is one element.
Copyright, Intellectual Property, and Privacy 1 Lesson Plan: BMM A9-4.
CONFIDENTIALITY. Three Confidentiality Laws 1.FERPA-Family Education Rights and Privacy Act (State Policy 4350: Procedures for the Collection, Maintenance.
© University of Reading Lee Shailer 06 June 2016 Data Protection the basics.
Data protection—training materials [Name and details of speaker]
Sharing Information Legally Lindsay Ould London Borough of Lewisham.
Freedom of Information Act ‘What you need to know’ Corporate Information Governance Team Strategic Intelligence.
Protection of Personal Information Act An Analysis on the impact.
Understanding Privacy An Overview of our Responsibilities.
Data Protection Laws in the European Union John Armstrong CMS Cameron McKenna.
Understanding Privacy An Overview of our Responsibilities.
Students’ Unions 2011 Data Protection and Students’ Unions Mairead O’Reilly 19 July 2011.
HIPAA Training Workshop #3 Individual Rights Kaye L. Rankin Rankin Healthcare Consultants, Inc.
Connectivity to bank and sample account structure
Data Protection: The Law
DIVISIONAL COMMISSIONER CRIME PREVENTION M W MAKHUBELA
Data Protection The Current Regime
PERSONAL DATA PROTECTION ACT 2010
Data Protection & Freedom of Information- An Introduction
Data Protection Reform in Local Government
BVI Business Companies Act Workshop
G.D.P.R General Data Protection Regulations
The activity of Art. 29. Working Party György Halmos
Data protection & FOIA considerations
EU Data Protection Legislation
Presentation transcript:

1 Allan Chiang, S.B.S. Privacy Commissioner for Personal Data 8 July 2013 Asian Privacy Scholars Network Conference Balance between Access to Public Domain Information and the Protection of Personal Data

2 Sources of Public Domain Information  Companies register  Land register  Register of vehicles  SFC’s register of licensed persons and registered institutions  Notice of intended marriage  Register of voters

3  Judiciary’s daily cause list  Judiciary’s cause book  Government gazette  Telephone directory  Professional or business directory, listing or notice Sources of Public Domain Information

4 Correction: Personal data, be it publicly available or not, is subject to protection under the PDPO Myth: Public Domain Information is Open to Unrestricted Use

5 Use Limitations  DPP3: unless the data subject has given prior consent, personal data shall be used for the purpose for which they were originally collected or a directly related purpose

6 Personal Data in Public Domain still Subject to PDPO  Government confirmed LRC’s view “putting personal data in the public domain does not make the data available for use for any purpose”  Hon Chu JA in Re Hui Kee Chun, CACV 4/2012 DPP3 “is directed against the misuse of personal data and it matters not that the personal data involved has been published elsewhere or is publicly available”

7 Implications of Unfettered Use of Data  Privacy intrusion in general  Insufficient or no control over data security, accuracy, retention  Function creep, e.g. direct marketing, profiling  Identity theft, stalking and surveillance etc.

8 Use Limitations  DPP3: unless the data subject has given prior consent, personal data shall be used for the purpose for which they were originally collected or a directly related purpose

9 Use Limitations  Original purpose: explicit SFC’s register: Security & Futures Ordinance “ For the purposes of enabling any member of the public to ascertain whether he is dealing with a licensed person or a registered institution in matters of or connected with any regulated activity and to ascertain the particulars of the licence or registration of such person or institution (as the case may be), the register shall be made available for public inspection…”

10  Original purpose: explicit Government telephone directory: an explicit use restriction to the effect that the information (government officials’ names and contact details) is not intended to be used for direct marketing activities and the information should not be transferred for commercial gains Use Limitations

11 Use Limitations  Original purpose: implied Register of vehicles is established under the Road Traffic (Registration and Licensing of Vehicles) Regulation “to provide for the regulation of road traffic and the use of vehicles and roads (including private roads) and for other purposes connected therewith” Hence permitted use of personal data should relate to traffic and transport matters

12 Use Limitations  Directly related purpose  Data subject’s reasonable expectation: Assessed on a case by case basis Take into account specific context of data collection and sensitivity of data Will a reasonable person in the data subject’s situation finds the data re-use unexpected, inappropriate or otherwise objectionable based on the context of the data collection?

13  Vehicle owner  Company director  Property owner Hypothetical Scenarios for DPP3 Application

14 Privacy rights Other rights Public interests

15 Exemptions from DPP3 under PDPO  Section 52 (domestic purposes)  Section 58 (crime)  Section 59 (health)  Section 60B (legal proceedings)  Section 61 (news)  Section 62 (statistics and research)  Section 63 (emergency situation)

16 Protection Measures: Examples of Good Practice  Vehicle owners particulars Administrative measures to remind applicants that personal data is provided for traffic and transport-related matters Applicants asked to declare purpose of use of personal data sought

17 Protection Measures: Examples of Good Practice  Land registry Massive download of data not possible  Marriage registry Notice amended in 2005 to include less data than those supplied by the marrying parties  Register of voters Use of personal data for any purpose other than a purpose related to the election is an offence under the Electoral Affairs Commission Regulation

18 Protection Measures: Examples of Good Practice  Government telephone directory An explicit use restriction to the effect that the information (government officials’ names and contact details) is not intended to be used for direct marketing activities and the information should not be transferred for commercial gains

19 Protection Measures: Examples of Failures  Vehicle owners particulars Irrespective of whether a purpose of use of data is indicated and what purpose is indicated, C for T has to comply with the request  Company register Unfettered public access to company directors’ HKID and residential addresses  Land registry Unfettered public access to property owners’ identity card numbers and signatures

20 Way Ahead  Education  Enforcement  Legislation

21 Thank You

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.