Guide to FOIP-Chapter 6

Office of the Saskatchewan Information and Privacy Commissioner. Guide to FOIP, Chapter 6, Protection of Privacy. Updated 27 February 2023. 10 and network security logs, and that regular reviews of those logs are conducted to enable monitoring of SOGC’s system. Several other recommendations were also made including ensuring it has a written agreement with its new IT service provider clearly outlining the services the IT service provider will provide. 10 FAIR INFORMATION PRINCIPLES In 1980, the Organization for Economic Co-operation and Development (OECD) developed Guidelines for the Protection of Privacy and Trans-border flows of Personal Data (OECD Guidelines). The OECD Guidelines represented an international effort to balance effective privacy protection with the free flow of personal data between different countries.27 The OECD Guidelines included eight principles: collection limitation, data quality, purpose specification, use limitation, security safeguards, openness, individual participation and accountability. In 1984, Canada committed itself to privacy protection by signing on to these internationally recognized guidelines. In 1995, the European Union (EU) issued a directive on data protection called the European Union Data Protection Directive (also known as EC.95.46). The EC.95.46 was adopted by the EU to protect the personal data collected for or about citizens of the EU.28 The Directive was based on the 1980 OECD Guidelines. The Directive effectively prohibited the trade by EU member nations with any jurisdiction that did not have adequate privacy protection. This put pressure on the international community to have adequate privacy protections in place or risk trading opportunities with the EU. These early guidelines (OECD Guidelines and EC.95.46) and Canada’s commitment to them formed the basis for the development of the Canadian Standards Association Model Code for the Protection of Personal Information (Model Code) in 1995. The Model Code was intended to be a voluntary tool to assist private businesses and organizations with managing the personal information of Canadians. When it was issued, it contained 10 principles that were referred to 27 Organization for Economic Co-Operation and Development (OECD), OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. Available at onaldata.htm. Accessed June 2, 2020. 28 EUR-Lex, Access to European Union Law, Summaries of EU Legislation, Protection of personal data. Available at Accessed June 2, 2020.