The former deputy Commonwealth Privacy Commissioner of Australia brings to Privacy International a wealth of experience from across the privacy spectrum. He is a visiting fellow at the University of New South Wales Law Faculty, and is Public Officer of the Australian Privacy Foundation. He is based in Australia.
The following statement was made to the APEC Data Privacy Subgroup meeting on 24 June 2013, in Medan, Sumatra, by Nigel Waters, attending the meeting as an invited guest. At previous meetings Mr Waters has represented Privacy International, but due to difficulties in obtaining guest status for PI (or other privacy or consumer NGOs) he has attended the last two meetings in an individual capacity.
Nigel Waters attended the APEC DPS meeting in Jakarta as an invited guest. He has previously either formally represented Privacy International or been a part of the Australian delegation. He continues to bring a critical civil society perspective to bear on the APEC privacy work.
There have been two rounds of meetings in 2012 of the OECD Committee for Information, Computer and Communications Policy (ICCP ) and some of its working parties – in May and October 2012, with further meeting of two working parties in December. A ‘foresight forum’ on the ‘big data’ theme was held on 22 October. Civil society interest in the ICCP work programme is formalised through the Civil Society Information Society Advisory Council (CSISAC).
APEC privacy activity has passed another milestone with the acceptance in July 2012 of the USA as the first economy to formally join the cross border privacy rules (CBPR) system. The CBPR Joint Oversight Panel (JOP), with the Canadian chair of the Data Privacy Subgroup (DPS) standing in for the US member in accordance with the ‘no conflict of interest’ provisions, accepted the US government application, which nominated the Federal Trade Commission (FTC) as the privacy enforcement authority and the FTC Act (15 USC 45) as the privacy law required by the CBPR protocols.
The APEC Data Privacy Subgroup (DPS) commenced a new five year work programme at a meeting in Moscow in February 2012. This follows the commitment by APEC Leaders in late 2011 to the Cross Border Privacy Rules (CBPR) system as one way implementing the APEC Data Privacy Framework.
The Joint Oversight Panel was formed at the DPS meeting in Moscow and comprises members from the US (chair), Chinese Taipei and Mexico, with the chair of the DPS (from Canada) as alternate – who will be needed if and when any of the other three economies apply for participation.
The second 2011 meeting of the APEC Privacy Subgroup took place in San Francisco in mid September, and finalised the package of documents that comprise the Cross Border Privacy Rules (CBPR) system. Endorsed by the parent Electronic Commerce Steering Group (ECSG), these will now go forward for ratification by Ministers in Hawaii in November, and subsequent implementation. The Subgroup’s 2012 Work Plan envisages establishment of the Joint Oversight Panel (JoP), commencement of recognition of Accountability Agents (AAs), and facilitating participation by economies in the CBPR syste
2011 is supposed to be the year that the APEC pathfinder projects on Cross Border Privacy Rules (CBPR) deliver a functional system for businesses to be certified for transfer of personal information between participating APEC economies.
Nigel Waters has previously represented Privacy International at APEC Data Privacy Subgroup meetings, on one occasion with PI having official guest status, otherwise indirectly through membership of the Australian delegation. On this occasion, expenses were paid by USAid for participation in the technical assistance seminar, and this allowed attendance at the other meetings.