Cyberspace Law and Policy Centre, University of New South Wales
Interpreting Privacy Principles research project
About us | Disclaimer | Privacy | Sitemap | Contact us   

IPP logo

Interpreting Privacy Principles
(ARC 'Discovery' Research Project)


Interpreting Privacy Principles:
Chaos or Consistency?

17 May 2006, 9 am-12:30 pm
Australian Graduate School of Management's Sydney CBD venue, Level 6, 1 O'Connell St, Sydney

Information privacy principles (IPPs) are at the heart of most countries’ privacy laws. Despite their key role, their meaning is everywhere uncertain and lacking in definitive interpretations. They appear to be similar across jurisdictions, but how far do the similarities extend? When can the interpretation of an IPP in one jurisdiction be a valuable guide to its meaning elsewhere? Such questions pose theoretical challenges for privacy regulators and practical concerns for privacy counsel attempting to provide multi-jurisdictional advice.

Background The Cyberspace Law and Policy Centre at UNSW Faculty of Law, in association with the Asia Pacific Privacy Authorities (APPA) forum, invited participants in the first of a series of symposia and conferences on privacy principles to be held over the next three years. The Symposium was part of the Interpreting Privacy Principles (iPP) Project, a research project funded by the Australian Research Council for 2006-2008. The iPP Project takes a comparative international perspective to resolving problems of interpreting Information Privacy Principles. Details of the iPP Project are available on the Centre website <>.

The Symposium Program is below. Each session commenced with a lead paper followed by short comments and discussion. There were additional participants from other jurisdictions in each session.

(The Symposium was administered by Continuing Legal Education (CLE), Faculty of Law, UNSW. This program provided barristers and solicitors seeking Continuing Professional Development points one point for each hour of attendance.)


9:00 - 9:15 Welcome and introduction

  • Graham Greenleaf (Professor of Law, UNSW) [PPT]

9:15 – 10:15 Core concepts: The uncertain meaning of ‘personal information’

Cases from Hong Kong, the UK and New Zealand have resulted in very narrow interpretations of ‘personal data’ or ‘personal information’. Are they good law?
  • Katrine Evans (Assistant Commissioner, NZ) - Issues in interpreting ‘personal information’ in New Zealand [ DOC ]
  • Graham Greenleaf – Some wrong turns for ‘personal data’: Eastweek (HK), Durant (UK), and FM v Macquarie (NSW) [PPT]

10.30-11:25 Principles: Interpreting the security Principle

How radical are the implications of the security principle for business and government? How expensive are security deficiencies? What damages flow from lost files? What standards apply?
  • Nigel Waters – Uncertainties and implications of the Security Principle [PPT] [PDF]
  • Anna Johnston (Salinger & Co) – New South Wales experience [PDF]
  • Patrick Gunning (Partner, Mallesons) – Interpreting ‘adequate security’ in practice

11:30 –12:20 Implementation: Communicating interpretations

How can Privacy Commissioners communicate their interpretations of IPPs? What works? What is best practice? What does accountability require?
  • Blair Stewart (Assistant Commissioner, NZ) - Developing Asia-Pacific standards [PPT] [PDF]
  • Graham Greenleaf – Are privacy Offices still ‘black holes’? [PPT]
  • Hong Kong Privacy Commissioner Roderick Woo [PDF]

12:20 Summation and close

  • Nigel Waters – Concluding remarks

Each session involved commentators including:

  • Judge Kevin O’Connor (NSW Administrative Decisions Tribunal)
  • Hong Kong Privacy Commissioner Roderick Woo
  • Federal Privacy Commissioner Karen Curtis
  • Victorian Privacy Commissioner Paul Chadwick
  • Patrick Gunning (Partner, Mallesons)







The University of New South Wales   UNSW Cyberspace Law and Policy Centre ARC