An effective privacy protection regime will include mechanisms for oversight and enforcement. A number of countries have created an
office or agency to oversee privacy or data protection. Several countries also have privacy officials or offices at the provincial level. While the powers of these officials vary widely by country, eight inter-related roles can be attributed to data protection commissioners: ombudsman, auditor, consultant, educator, policy advisor, negotiator, enforcer, and international ambassador. Many have authority over both private sector and governmental databases.
Even if a country does not have a comprehensive privacy act, it can have a privacy commissioner. Even if the commissioner has no binding enforcement power, the ability to focus public attention on problem areas can be significant. Commissioners can advance privacy protection by promoting codes of practice and encouraging government agencies to adopt them. They can use reports to highlight problems.
Another way to promote privacy compliance is to designate within each ministry or agency a senior official to serve as “chief privacy officer” or “privacy coordinator.” A growing number of private businesses are adopting this model. To be most effective, the chief privacy officer or coordinator should be involved in policy-making and should be consulted early in the conceptualization of any new information system.
Privacy Commissioners - Key Resource:
The Ontario (Canada) Information and Privacy Commissioner has developed a basic toolkit for privacy coordinators.
Back to Beginning of Chapter