'It’s Nearly 2020, so What Fate Awaits the 1980 OECD Privacy Guidelines? (A Background Paper for the 2019 OECD Privacy Guidelines Review)' by Graham Greenleaf in (2019) 159
Privacy Laws & Business International Report 18-21
comments
The Organisation for Economic Co-operation and Development (OECD) is again reviewing, and perhaps revising, its Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, originally made in 1980, and revised once in 2013. It is therefore an opportune time to consider what continuing relevance do the Guidelines have, and what are the prospects of this review making them more relevant to the future of data privacy laws. This background paper surveys the origins and significance of the 1980 Guidelines and their very limited revision in 2013. It is unclear whether the 2019 ‘review’ which is now underway will be a further revision. 1980 is nearly 40 years ago, and the international environment now includes the GDPR, Convention 108+, and regional instruments and standards which are much stronger than the Guidelines.
The overall question addressed in this paper is whether the Guidelines will serve a useful future purpose if they are not revised and strengthened substantially. They could remain largely as they are, a bastion of low privacy standards. Or they could be revised to become a moderate (rather than rock-bottom) minimum standard of data privacy protections, and as a more credible candidate for what convergence initiatives could aim to implement.