Independence of Data Privacy Authorities: International Standards and Asia-Pacific Experience

Computer Law & Security Review, Vol. 28, Issues 1 & 2, 2012

U. of Edinburgh School of Law Working Paper No. 2011/42

49 Pages Posted: 14 Dec 2011 Last revised: 1 Feb 2014

See all articles by Graham Greenleaf

Graham Greenleaf

University of New South Wales, Faculty of Law

Date Written: December 13, 2011

Abstract

Part I of this article analyses the views of learned commentators on what constitutes the ‘independence’ of data protection authorities (DPAs). It concluded that a more satisfactory answer needed to be found in the international instruments on data privacy and on human rights bodies, their implementation and judicial interpretation, and in the standards that have been proposed and implemented by DPAs themselves. It found that only the OECD and APEC privacy agreements did not require a DPA (and therefore had no standards for its independence). Thirteen factors were identified as elements of ‘independence’ across these instruments and standards, five of which were more commonly found than others.

Part II of this article considers how criteria for independence of DPAs have been implemented in those jurisdictions in the Asia-Pacific with data privacy laws (Australia, Hong Kong SAR, India, Japan, Macau SAR, Malaysia, South Korea, Taiwan, and Thailand, plus five Australian States and Territories). It finds seven of the elements of independence found in international instruments and standards are often found in these jurisdictions, and some others are found occasionally. It argues that the jurisdictions in the Asia-Pacific whose data privacy laws include an independent DPA provide a better level of privacy protection than those whose laws do not include a DPA, based on conclusions about effectiveness in other studies. However, regional experience does not yet tell us much about the most desirable structure for a DPA.

To be published in two parts in 2012.

Suggested Citation

Greenleaf, Graham, Independence of Data Privacy Authorities: International Standards and Asia-Pacific Experience (December 13, 2011). Computer Law & Security Review, Vol. 28, Issues 1 & 2, 2012; U. of Edinburgh School of Law Working Paper No. 2011/42. Available at SSRN: https://ssrn.com/abstract=1971627 or http://dx.doi.org/10.2139/ssrn.1971627

Graham Greenleaf (Contact Author)

University of New South Wales, Faculty of Law ( email )

Sydney, New South Wales 2052
Australia
+61 2 9385 2233 (Phone)
+61 2 9385 1175 (Fax)

HOME PAGE: http://www2.austlii.edu.au/~graham

Register to save articles to
your library

Register

Paper statistics

Downloads
368
rank
75,204
Abstract Views
1,172
PlumX Metrics