CONFIDENTIAL #
機密
"
App. B
App. C
8.
The Working Group concluded that Government Departments should be made aware of these principles and a set of administrative guidelines was issued to all Departments in September 1985. Heads of Departments and Branches were advised in a confidential circular at Appendix B to observe and implement these principles, with the exception of the Seventh Principle, whenever possible in current and future computer applications. If this report is endorsed and implemented by Government, then the Working Group recommends that a review be conducted one year later to consider whether any amendments to the guidelines are required in the light of experience.
The Position in the Private Sector
9.
In August 1984 four unofficials were invited to join the Working Group in assessing the position in the private sector. A Sub-committee was formed under the chairmanship of Mr. A.F.M. Conway with the participation of the Government's Data Processing Manager. In early 1985, the views of 51 private sector organisations were sought, including professional societies, industrial and trade organizations and academic institutions. Of these, 29 organizations responded, and their views were analysed in a covering report which was submitted to the Working Group in September 1985. A copy of the Sub-committee's report is at Appendix C.
This
10.
The Sub-committee's report recommends the adoption of the 'voluntary compliance' approach. would entail the enactment of legislation to establish a set of data protection principles together with the creation of an independent agency which would lay down standards, examine computer systems as a matter of course or on receipt of complaints, and publish its findings and recommendations. The agency would not have powers to impose formal sanctions. Rectification or reform of alleged malpractices would possibly be achieved as result of the adverse publicity generated by the agency or action by some Government authority in response to the findings of the agency. The Sub-committee's recommended approach had the support of most organizations responding to the questionnaire although it is possible that such support was engendered in part by the fear of the denial of trans-border data flow which is discussed later in paragraph 20.
Options available for Consideration
11.
In recognition of the need for the public and private sectors to adopt a similar approach on the issue, the Working Group has examined in detail not only the voluntary compliance approach backed by legislation as
GF 323
CONFIDENTIAL
機密