The Protection of Personal Information Bill (Bill) is expected to be high on the Parliamentary agenda during 2010, over the course of the next few months, each of the eight core information protection principles will be discussed in turn to provide an indication of how the Bill is likely to impact every organisation that processes personal information.
Overview of principles
The Bill is founded on a set of eight core information protection principles that have evolved over time in various jurisdictions around the world. These jurisdictions include the European Union and the regions belonging to the Organisation for Economic Cooperation and Development (OECD), the Commonwealth and the Asia-Pacific Economic Cooperation (APEC). Over the years, the principles contained in the Bill have become recognised as the leading practice baseline for effective data privacy regulation around the world. They are generally believed to reflect an acceptable compromise between the right to privacy and the legitimate need to use personal information for private sector business purposes and, the duty of both the public and private sectors to give effect to the equally fundamental right of access to information on the other hand.
The eight information protection principles contained in the Bill are the following:
- Principle 1: Accountability
- Principle 2: Processing Limitation
- Principle 3: Purpose Specification
- Principle 4: Further Processing Limitation
- Principle 5: Information Quality
- Principle 6: Openness
- Principle 7: Security Safeguards
- Principle 8: Data Subject Participation
A discussion of the principals contained in the Bill: