No edit summary |
No edit summary |
||
| Line 2: | Line 2: | ||
| − | The '''OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data''' contain a revised version of the [[Fair Information Practices]] developed by the U.S. Department of Health, Education & Welfare in its 1973 report titled ''[[Records, Computers and the Rights of Citizens: Report of the Secretary’s Advisory Committee on Automated Personal Data Systems |
+ | The '''OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data''' contain a revised version of the [[Fair Information Practices]] developed by the U.S. Department of Health, Education & Welfare in its 1973 report titled ''[[Records, Computers and the Rights of Citizens]]: Report of the Secretary’s Advisory Committee on Automated Personal Data Systems'' (1973). |
The OECD version of the [[Fair Information Practices]] was reaffirmed by OECD ministers in a 1998 declaration and further endorsed in a 2006 OECD report.<ref>[[OECD, Making Privacy Notices Simple: An OECD Report and Recommendations]] (July 24, 2006).</ref> The OECD version of the principles states: |
The OECD version of the [[Fair Information Practices]] was reaffirmed by OECD ministers in a 1998 declaration and further endorsed in a 2006 OECD report.<ref>[[OECD, Making Privacy Notices Simple: An OECD Report and Recommendations]] (July 24, 2006).</ref> The OECD version of the principles states: |
||
Revision as of 04:32, 20 June 2008
Citation: OECD, Guidelines on the Protection of Privacy and Transborder Flow of Personal Data (Sept. 23, 1980)
The OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data contain a revised version of the Fair Information Practices developed by the U.S. Department of Health, Education & Welfare in its 1973 report titled Records, Computers and the Rights of Citizens: Report of the Secretary’s Advisory Committee on Automated Personal Data Systems (1973).
The OECD version of the Fair Information Practices was reaffirmed by OECD ministers in a 1998 declaration and further endorsed in a 2006 OECD report.[1] The OECD version of the principles states:
- Collection limitation. The collection of personal information should be limited, should be obtained by lawful and fair means, and, where appropriate,
with the knowledge or consent of the individual.
- Data quality. Personal information should be relevant to the purpose for
which it is collected, and should be accurate, complete, and current as needed for that purpose.
- Purpose specification. The purposes for the collection of personal information should be disclosed before collection and upon any change to that purpose, and its use should be limited to those purposes and compatible purposes.
- Use limitation. Personal information should not be disclosed or otherwise used
for other than a specified purpose without consent of the individual or legal authority.
- Security safeguards. Personal information should be protected with reasonable
security safeguards against risks such as loss or unauthorized access, destruction, use, modification, or disclosure.
- Openness. The public should be informed about privacy policies and practices, and individuals should have ready means of learning about the use of personal information.
- Individual participation. Individuals should have the following rights: to know about the collection of personal information, to access that information, to request correction, and to challenge the denial of those rights.
- Accountability. Individuals controlling the collection or use of personal
information should be accountable for taking steps to ensure the implementation of these principles.
- ↑ OECD, Making Privacy Notices Simple: An OECD Report and Recommendations (July 24, 2006).