The OAIC works with international regulators to address challenges faced across the data protection, privacy and information access landscape.
International access to information regulatory networks
Association of Information Access Commissioners
This Australian and New Zealand network is for information access authorities who administer freedom of information legislation. Members meet twice a year to share knowledge, upcoming projects and confer on regulatory frameworks and best practice.
In December 2022, the AIAC met in Wellington, New Zealand, marking the 40-year anniversary of information access laws being introduced in Australia and New Zealand. The Communique welcomed the opportunities to engage with neighbours in the Asia Pacific region on information access issues.
International Conference of Information Commissioners
The International Conference of Information Commissioners (ICIC) is constituted by Information Commissioners and Ombudsmen from across the globe who meet regularly to discuss issues related to the protection and promotion of the right to public information for the benefit of citizens. The OAIC sponsored the first international Resolution on Proactive Publication, which was endorsed by the ICIC in June 2021, supporting proactive publication of information relating to the COVID-19 pandemic. The resolution was co-sponsored by 7 other information commissioners from across Australia, New Zealand, the UK and Canada.
In September 2021, the Australian Information Commissioners and Ombudsmen released the Statement of Principles supporting proactive disclosure of government held information. The Statement of Principles recognises and promotes 4 key principles, including a culture of transparency, to assist in embedding a proactive culture across all public sector agencies. The principles were developed to fulfil the Open by Design commitment under consideration for inclusion in Australia’s Third Open Government National Action Plan 2021–2022, and are consistent with the June 2021 ICIC resolution.
Open Government Partnership
The Open Government Partnership (OGP) is an international initiative involving countries, local governments and civil society organisations that are working together to promote accountable, responsible and inclusive governance. The Australian Government became a member of the OGP in 2015, committing to support its goals of increasing the transparency and accountability of government. After governments join the OGP, they work with civil society to create National Action Plans setting out concrete steps that will be taken to increase openness over the next two years.
As a key integrity agency dedicated to managing government-held information as a national resource, we work as part of the Open Government Partnership Australia to progress these commitments, including by engaging states and territories to better understand information access.
Australia’s second Open Government National Action Plan 2018–20 contains eight commitments to enhance access to information, civic participation, public accountability, as well as technology and innovation for openness and accountability.
The OAIC is currently participating in the co-creation of Australia’s third National Action Plan.
International privacy regulatory networks
Global Privacy Assembly
The OAIC is a member of the Global Privacy Assembly which was established in 1979 and brings together more than 130 privacy and data protection authorities from across the globe.
It works throughout the year on global data protection policy issues, adopts resolutions and statements addressed to governments and policymakers, and arranges an annual conference.
The GPA has a number of working groups which undertake a range of activities to advance the GPA’s strategic objectives.
The OAIC actively participates in a number of the GPA working groups and co-chairs the Digital Citizen and Consumer Working Group with the Office of the Privacy Commissioner of Canada.
From October 2018 to October 2022, Commissioner Falk served as a member of the Executive Committee and from October 2019 to October 2022, she chaired the Strategic Direction Sub-Committee.
GPA Global Cross Border Enforcement Cooperation Arrangement
The GPA Global Cross Border Enforcement Cooperation Arrangement (GCBECA) commenced on 27 October 2015. The OAIC was one of the original signatories to the GCBECA.
The GCBECA encourages and facilitates cooperation and collaboration in the enforcement activities of global privacy enforcement authorities. The GCBECA provides a framework under which privacy enforcement authorities are encouraged to:
- share information about potential or ongoing investigations
- coordinate enforcement activities
- share best practices and experiences.
Asia Pacific Privacy Authorities
The OAIC is a founding member of Asia Pacific Privacy Authorities which was formed in 1992. APPA is the principal forum for privacy authorities in the Asia Pacific region to form partnerships and exchange ideas about privacy regulation, emerging risks and the management of privacy enquiries and complaints.
The OAIC actively participates in APPA forums, activities and initiatives such as the annual Privacy Awareness Week.
Attendance at APPA forums provides the OAIC with an opportunity to meet with international colleagues, engage on emerging privacy issues and obtain valuable insights into strategies adopted to address them.
At the 57th APPA forum in June 2022 hosted by the Office of the Privacy Commissioner for Personal Data, Hong Kong, the OAIC contributed to a panel discussion on privacy issues arising from emerging technologies.
At the 58th APPA forum in November 2022 hosted by the Personal Data Protection Commission of the Republic of Singapore, the OAIC contributed to a panel discussion on safeguarding children’s online privacy and heard about facial recognition enforcement activities undertaken in other jurisdictions.
Asia-Pacific Economic Cooperation
Australia was a founding member of the Asia-Pacific Economic Cooperation (APEC) which was formed in 1989. APEC administers a number of working groups including the Digital Economy Steering Group (DESG) formed in 2018. The DESG advises on the implementation of the APEC Internet and Digital Economy Roadmap (AIDER) which was adopted by APEC leaders in 2017.
APEC Privacy Framework
The Data Privacy Subgroup of the DESG is responsible for the implementation of the APEC Privacy Framework, updated in 2015. The APEC Privacy Framework was developed as a blueprint for greater regional cooperation on privacy rules and enforcement. The Framework is a set of principles and implementation guidelines created to promote electronic commerce throughout the Asia Pacific region.
In 2007, APEC economies endorsed the APEC Data Privacy Pathfinder , a commitment to work together to develop a system that provides for accountable cross-border data flows. This established a framework for economies to develop the Cross-Border Privacy Rules (CBPR) System (see below), which is consistent with the APEC Privacy Framework.
APEC Cross-border Privacy Enforcement Arrangement
The APEC Cross-border Privacy Enforcement Arrangement (CPEA) commenced on 16 July 2010 and was updated in 2019. The OAIC is one of 26 participants in the CPEA. This multilateral arrangement is the first mechanism in the APEC region for regulators to share information and provide assistance for cross-border data privacy enforcement. The CPEA is a significant step in the effective implementation of the APEC Privacy Framework.
Cross-Border Privacy Rules System
The APEC Cross Border Privacy Rules (CBPR) System commenced in November 2011 and was updated in 2019. The CBPR System is a government-backed data privacy certification that companies can join to demonstrate compliance with internationally recognised data privacy protections, consistent with the APEC Privacy Framework. There are currently 9 participating economies: USA, Mexico, Japan, Canada, Singapore, the Republic of Korea, Australia, Chinese Taipei and the Philippines. Australia is a participant but has yet to implement this system domestically.
The Global CBPR Forum was established on 21 April 2022 by Canada, Japan, Singapore, the Republic of Korea, the Philippines, Singapore, Chinese Taipei and the USA to open up the APEC CBPR System to participation by non-APEC members. Australia joined the Global CPRR Forum in August 2022.
Common Thread Network
The Common Thread Network (CTN) brings together data protection and privacy authorities from Commonwealth countries.
Global Privacy Enforcement Network
The OAIC is part of the Global Privacy Enforcement Network (GPEN), which was formed in 2010 to facilitate cross-border cooperation in the enforcement of privacy laws.
GPEN builds on the Organisation for Economic Co-operation and Development’s (OECD) Recommendation in the Enforcement of Laws Protecting Privacy, which recognised the need for greater cooperation between privacy enforcement authorities on cross-border privacy matters due to increasing cross-border data flows.