Privacy law

From Wikipedia, the free encyclopedia

Privacy law is the area of law concerned with protecting and preserving the privacy rights of individuals. By definition, most countries treat privacy as a right of individuals and not of institutions. Governments and other organizations collect vast amounts of personal information for a variety of purposes. The law of privacy limits how these organizations can collect and use this information.

Basic Privacy Principles [1]

The Fair Information Practice Principles form the basis for many privacy laws across the world. These principles are:

  • OPENNESS:

There should be a general policy of openness about the practices and policies with respect to personal information. Generally, the publication of the privacy policy is an outcome of this aspect.

  • COLLECTION LIMITATION:

Personal information should be collected only for a stated purpose by lawful and fair means and with the knowledge or consent of the subject. The options of opt-in and opt-out are a result of such a principle.

  • PURPOSE SPECIFICATION:

The purpose for collecting personal information should be specified at the time of collection. Further uses should be limited to those purposes. E.g., when an opt-in is provided, it has to be associated with a stated purpose such as sharing with commerce partners, newsletters, or sending additional product information.

  • USE LIMITATION:

Personal information should not be used for purposes other than those specified, except with the consent of the subject or by the authority of law. E.g., if a personal email address is collected for sending a newsletter, the email address must not be used to send additional product information, etc. without the consent of the individual.

  • DATA QUALITY:

Personal information should be accurate, complete, timely, and relevant to the purpose for which it is to be used. This is an important principle in areas where critical decisions about an individual, such as healthcare or financial decisions, are made. Only reliable information should be used for such purposes.

  • INDIVIDUAL PARTICIPATION:

Individuals should have the right to inspect and correct their personal information. Since critical decisions are made with respect to each

  • SECURITY SAFEGUARDS:

Personal information should be protected against such risks as loss, unauthorized access, destruction, modification, or disclosure.

  • ACCOUNTABILITY:

Someone in an organization should be held accountable for compliance with the organization’s privacy policy.


"Safe Harbor" Privacy Framework

Unlike the U.S. approach to privacy protection, which relies on industry-specific legislation, regulation and self-regulation, the European Union relies on comprehensive privacy legislation. The European Directive on Data Protection, which went into effect in October 1998, includes, for example, the requirement to create government data protection agencies, registration of databases with those agencies, and in some instances prior approval before personal data processing may begin. In order to bridge these different privacy approaches and provide a streamlined means for U.S. organizations to comply with the Directive, the U.S. Department of Commerce, in consultation with the European Commission, developed a "safe harbor" framework. The safe harbor, approved by the EU in July of 2000, is a way for U.S. companies to comply with European privacy laws.

Classification of Privacy Laws

Privacy Laws can be broadly classified into:

General Privacy Laws

  • General Privacy Laws: These laws have an overall bearing on the personal information of individuals and affect the policies that govern many different areas of information.

Specific Privacy Laws

  • Specific Privacy Laws: These laws are designed to protect specific types of information about individuals, such as health information, financial information, etc.

Health Privacy Laws

Financial Privacy Laws

Online Privacy Laws

Communication Privacy Laws

International Privacy Laws

Australia

In Australia, the federal Privacy Act 1988 sets out principles in relation to the collection, use, disclosure, security and access to personal information. The Act applies to Australian Government and Australian Capital Territory agencies and private sector organisations (except some small businesses). The Office of the Privacy Commissioner is the complaints handler for alleged breaches of the Act. Some Australian States have enacted privacy laws.

The Australian Law Reform Commission [1] is currently conducting an extensive inquiry into privacy law in Australia and is due to report to the Australian Government in March 2008.

More information about Australian privacy laws can be found at Federal Privacy Law.

Canada

In Canada, the federal Personal Information Protection and Electronic Documents Act governs the collection, use and disclosure of personal information in connection with commercial activities and personal information about employees of federal works, undertakings and businesses. It generally does not apply to non-commercial organizations or provincial governments. Personal information collected, used and disclosed by the federal government and many crown corporations is governed by the Privacy Act. Many provinces have enacted similar provincial legislation, such as the Ontario Freedom of Information and Protection of Privacy Act, which applies to public bodies in that province.

There remains some debate whether there exists a common law tort for breach of privacy. There have been a number of cases identifying a common law right to privacy but the requirements have not been articulated. [1]

See also

Legislation

References

1. Fair Information Practice Principles
2. List of Privacy Laws