OECD Modernizes Privacy Guidelines

By Matt Klinger

The Organization for Economic Cooperation and Development (OECD) recently updated its Guidelines governing the Protection of Privacy and Transborder Flows of Personal Data ("Revised Guidelines").   While the set of eight principles established in the original guidelines published in 1980 remain intact, the Revised Guidelines introduce at least three new concepts: (1) the importance of a coordinated national privacy strategy; (2) the need for privacy management programs within organizations; and (3) data breach security notification regimes.

In addition, the OECD has highlighted two themes that run throughout the Revised Guidelines.  First is a "focus on the practical implementation of privacy protection through an approach grounded in risk management."  Second is the "need for greater efforts to address the global dimension of privacy through improved interoperability." 

These revisions help modernize the guidelines to accommodate vast changes in data generation and flows since 1980.  They also serve, however, to highlight the enduring nature of the OECD's data protection principles.