|
Information privacy or data protection laws prohibit the disclosure or misuse of information held on private individuals. Over 80 countries and independent territories have now adopted comprehensive data protection laws including nearly every country in Europe and many in Latin America and the Caribbean, Asia and Africa. The US is notable for not having adopted a comprehensive information privacy law but rather having adopted limited sectoral laws in some areas. These laws are based on Fair Information Practice, first developed in the United States in the 1970s by the Department for Health, Education and Welfare (HEW). The basic principles of data protection are: * For all data collected there should be a stated purpose * Information collected by an individual cannot be disclosed to other organizations or individuals unless specifically authorized by law or by consent of the individual * Records kept on an individual should be accurate and up to date * There should be mechanisms for individuals to review data about them, to ensure accuracy. This may include periodic reporting * Data should be deleted when it is no longer needed for the stated purpose * Transmission of personal information to locations where "equivalent" personal data protection cannot be assured is prohibited * Some data is too sensitive to be collected, unless there are extreme circumstances (e.g., sexual orientation, religion) ==Canada== In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) went into effect on 1 January 2001, applicable to private bodies which are federally regulated. All other organizations were included on 1 January 2004.〔(【引用サイトリンク】url=http://www.priv.gc.ca/index_e.asp )〕〔(The Personal Information Protection and Electronic Documents Act - Privacy Commissioner of Canada )〕 The PIPEDA brings Canada into compliance with EU data protection law. PIPEDA specifies the rules to govern collection, use or disclosure of the personal information in the course of recognizing the right of privacy of individuals with respect to their personal information. It also specifies the rules for the organizations to collect, use, and disclose personal information. The PIPEDA apply to: # The organizations collects, uses or disclosure in the matter of commercial use. # The organizations and the employee of the organization collect, use, or discloses in the course of operation of a federal work, undertaking or business. The PIPEDA Does NOT apply to # Government institutions to which the Privacy Act applies. # Individuals who collect, use, or disclose personal information for personal purpose and use. # Organizations which collect, use, or disclose personal information only for the purpose of journalist, art or literary. As specified in PIPEDA: "Personal Information" means information about an identifiable individual, but does not include the name, title or business address or telephone number of an employee of an organization. "Organization"means an association, a partnership, a person and a trade union. "federal work, undertaking or business" means any work, undertaking or business that is within the legislative authority of Parliament. Including # a work, undertaking or business that is operated or carried on for or in connection with navigation and shipping, whether inland or maritime, including the operation of ships and transportation by ship anywhere in Canada; # a railway, canal, telegraph or other work or undertaking that connects a province with another province, or that extends beyond the limits of a province; # a line of ships that connects a province with another province, or that extends beyond the limits of a province; # a ferry between a province and another province or between a province and a country other than Canada; # aerodromes, aircraft or a line of air transportation; # a radio broadcasting station; # a bank; # a work that, although wholly situated within a province, is before or after its execution declared by Parliament to be for the general advantage of Canada or for the advantage of two or more provinces; # a work, undertaking or business outside the exclusive legislative authority of the legislatures of the provinces; and # a work, undertaking or business to which federal laws, within the meaning of section 2 of the Oceans Act, apply under section 20 of that Act and any regulations made under paragraph 26(1)(k) of that Act. The PIPEDA gives individuals the right to: # understand the reasons why organizations collect, use, or disclose personal information. # expect organizations to collect, use or disclose personal information in a reasonable and appropriate way. # understand who in the organizations pays the responsibility for protecting individuals' personal information. # expect organizations to protect the personal information in a reasonable and secure way. # expect the personal information held by the organizations to be accurate, complete, and up-to-date. # have the access to their personal information and ask for any corrections or have the right to make complain towards the organizations. The PIPEDA requires organizations to: # obtain consent before they collect, use, and disclose any personal information. # collect personal information in a reasonable, appropriate, and lawful ways. # establish personal information policies that are clear, reasonable,and ready to protect individuals' person information. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「information privacy law」の詳細全文を読む スポンサード リンク
|