26
4.3.2
The first international attempt to develop principles to deal with the
protection of personal privacy in the context of computer data and the
potential for trans-border flows of personal information was the 1980
Guidelines developed by the Organisation for Economic Co-operation
and Development (OECD).14 These Guidelines have since formed the
basis for most privacy legislation around the world.
4.3.3 The Basic Principles of OECD Guidelines Governing the Protection of
Privacy and Trans-border Flows of Personal Data are:
1. Collection Limitation Principle
There should be limits to the collection of personal data [defined as data
about an identifiable individual] and any such data should be obtained
by lawful and fair means and, where appropriate, with the knowledge or
consent of the data subject.
2. Data Quality Principle
Personal data should be relevant to the purposes for which they are to be
used, and, to the extent necessary for these purposes, should be accurate,
complete and kept up-to-date.
3. Purpose Specification Principle
The purposes for which personal data are collected should be specified
not later than at the time of data collection and the subsequent use
limited to the fulfilment of those purposes or such others as are not
incompatible with those purposes and as are specified on each occasion
of change of purpose.
4. Collection Limitation Principle
There should be limits to the collection of personal data [defined as data
about an identifiable individual] and any such data should be obtained
by lawful and fair means and, where appropriate, with the knowledge or
consent of the data subject.
5. Data Quality Principle
Personal data should be relevant to the purposes for which they are to be
used, and, to the extent necessary for these purposes, should be accurate,
complete and kept up-to-date.
6. Purpose Specification Principle
14
Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data;
www.oecd.org/dsti/sti/it/secur/index.htm