Data Privacy

Download as txt, pdf, or txt
Download as txt, pdf, or txt
You are on page 1of 3

PRIVACY online

1 - Privacy helps reinforce user trust of online services, yet online privacy is
under constant pressure of being undermined.

2 - Privacy is an important right and an essential enabler of an individual’s


autonomy, dignity, and freedom of expression. Yet, there is no universally agreed
definition of privacy.

3 - Promoting strong, technology-neutral data privacy laws, privacy-by-design


principles, and ethical data collection and handling principles is a key approach
to protecting and fostering online privacy.

First things first: Although there is no universal privacy or data protection law
that applies across the Internet, several international and national privacy
frameworks have largely converged to form a set of core, baseline privacy
principles. One of the most influential of these is the Organisation for Economic
Co-Operation and Development (OECD) 2013 Privacy Guidelines

1- There should be limits to the collection of personal data. Any such data should
be obtained by lawful and fair means and, where appropriate, with the knowledge or
consent of the data subject (the individual).

2- Personal data should be relevant to the purposes for which they are to be used,
and, to the extent necessary for those purposes, should be accurate, complete, and
kept up to date.

3- The purposes for which personal data is collected should be specified. The use
should be limited to those purposes or other purposes that are not incompatible.

4- Personal data should not be disclosed, made available, or used for other
purposes except with the consent of the individual or where authorised by law.

5- It should be noted that many of these principles imply transparency concerning


who is collecting data, and what it is being used for.

6- Personal data should be protected by reasonable security safeguards. For data in


motion, the most effective solution is strong, reliable encryption, both to protect
data confidentiality and integrity, and as the foundation of reliable
authentication, authorization and access control.

7- There should be a general policy of openness about developments, practices, and


policies concerning personal data.

8- Individuals should have the right to obtain information about their personal
data held by others and to have it erased, rectified, completed, or amended, as
appropriate.

9- Those who collect personal data should be accountable for complying with privacy
principles.

----- Definition for PERSONAL DATA is “any information relating to an identified


or identifiable individual”

1- Privacy and data protection laws are not the same across all countries, and some
countries do not have privacy or data protection laws.
2- Even where the data is covered by the laws of both countries, the protections
may vary (e.g., data collection may be opt-in or opt-out). To complicate matters
further, more than one country may assert that its laws apply.

3- Several international and national privacy frameworks have largely converged to


form a set of core, baseline privacy principles. One of the most influential of
these is the Organisation for Economic Co-Operation and Development (OECD) 2013
Privacy Guidelines.

1- The Internet spans national borders, yet privacy and data protection laws are
based on national sovereignty.

2- Provisions are needed to protect personal data that leaves one country and
enters another to ensure the continuity of data protection for users.

3- Information about you may be shared with others without your knowledge or
consent. It may happen because of something you do or something someone else does.

As personal data has monetary and strategic value to others that may not be aligned
with an individual’s interests, it is a challenge to ensure that it is only
collected and used appropriately.

1- Global interoperability. Encourage openly developed, globally interoperable


privacy standards and regulations to ensure that personal data does not lose the
protection it needs, just because it has crossed a border.

2- Collaboration. Foster multi-stakeholder collaboration and a holistic approach


that ensures value to all stakeholders. Encourage businesses to make the data-
driven economy more sustainable.

3- Ethics. Encourage privacy frameworks that apply an ethical approach to data


collection and handling. Ethical approaches incorporate, among other things, the
concepts of fairness, transparency, participation, accountability, and legitimacy
in the collection and handling of data.

4- Privacy impact. Understand the privacy impact of personal data collection and
use. Consider the privacy implications of metadata. Recognize that even the mere
possibility of personal data collection could interfere with the right to privacy.
Further, understand that an individual’s privacy may be impacted even if he or she
is not identifiable, but can be singled out.

5- Anonymity and Pseudonymity. Individuals should have the ability to communicate


confidentially (e.g. using encryption), pseudonymously and/or anonymously on the
Internet.Data minimization. Encourage data minimization practices. Insist on
selective data collection and use of only the necessary data for only as long as it
is needed.

6- Choice. Empower users to be able to negotiate fair data collection and handling
terms on an equal footing with data collectors, as well as be able to give
meaningful consent.

7- Legal environment. Promote strong, technology-neutral laws, compliance, and


effective enforcement. These laws should focus on desired privacy outcomes, rather
than specifying particular technological means to direct privacy practices.
8- Technical environment. Encourage open environments that support the voluntary,
consensus-based development of protocols and standards that support privacy-
enhancing solutions.

9- Business environment. Encourage businesses to recognise that privacy-respecting


approaches can provide competitive advantages and to make the data-driven economy
more sustainable.

Privacy-by-design principles. Promote privacy-by-design throughout the development,


implementation, and deployment cycle. Privacy-by-design principles should also be
applied to the development of standards, applications, services, and business
processes.

10- Tools. Promote the development of usable tools that empower users to express
their privacy preferences and to communicate confidentially (e.g., encryption) and
anonymously or pseudonymously; and enable service providers to offer choices and
visibility into what is happening with user data.

1- Personal data has monetary and strategic value to others that may not be aligned
with an individual’s interests.

2- Ethical data collection and handling principles can assist in protecting online
privacy.

3- Ethical privacy frameworks incorporate, among other things, the concepts of


fairness, transparency, participation, accountability, and legitimacy in the
collection and handling of data.

REPUBLIC ACT 10173 - DATA PRIVACY ACT OF 2012

You might also like