Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

A Commissioner abroad Part 3 - a stop in Tunisia John Edwards
10 November 2016


It’s possible that you haven’t heard of the International Telecommunications Union (ITU). However, it is likely that the ITU affects your life in some way. The ITU is the UN agency responsible for information and communication technology. One of their key functions is standard-setting. They set the technical standards that make it possible to send a text message to an overseas phone without having to get some kind of complex adaptor; they also help to assign satellite orbits so that you don’t get abrupt service interruption from two (or more) satellites crashing into one another.

I spoke at the ITU’s conference in Tunisia last month, when I was in Marrakech my role as chair of the International Conference of Data Protection and Privacy Commissioners (ICDPPC). The ITU conference was the Global Standards Symposium (GSS), a one-day event held prior to the World Telecommunications Standardisation Assembly (WTA-16).

I was invited to speak at the GSS because the theme was “Security, Privacy and Trust in Standardisation”. These are topical issues as the world becomes more connected; it is increasingly rare for information to stop moving when it encounters a border, or to even slow down.  This means that there are circumstances where international standards around security and privacy are more important than any one nation’s laws, as they apply regardless of where your data starts and ends its international travels.

Here are a few of the points I made in my talk to the GSS:

  • That there should be international standards governing state agents collecting data from telecommunications networks. These standards should set a lawful authority, and only give access when it is necessary and proportionate. These legal standards should be consistent across jurisdictions. Without these standards, authorities in a more “lax” nation could easily access information pertaining to someone from a nation with stricter standards, thus nullifying that second nation’s data protection.
  • The ITU should develop and promote standards for de-identification of individuals. There’s a significant amount of potential public benefit from telecommunication data. Examples include the movement of refugees or the spread of a disease. A set of standards to ensure that this data is used in a de-identified way would unlock this benefit without compromising the trust individuals place in their telecommunications providers.
  • Algorithmic transparency should be developed and standardised. This is an emerging issue as artificial intelligence and machine learning put more decisions in the hands of computers, not individuals.

Speaking to the ITU was a good opportunity to strengthen the connections between that organisation and the ICDPPC, as both work in the similar, growing spaces of cross-border information transfers.

You can read my full speech here.


, ,



No one has commented on this page yet.

Post your comment

The aim of the Office of Privacy Commissioner’s blog is to provide a space for people to interact with the content posted. We reserve the right to moderate all comments. We will not publish any content that is abusive, defamatory or is obviously commercial. We ask for your email address so that we can contact you if necessary to clarify your comment. Please be respectful of authors and others leaving comments.