Scribd
Upload
3 views

Guidelines for the Regulation of Computerized Personal Data Files

Uploaded by

khy1989koulaoer
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
3 views

Guidelines for the Regulation of Computerized Personal Data Files

Uploaded by

khy1989koulaoer
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Guidelines for the Regulation of Computerized Personal Data Files

Adopted by General Assembly resolution 45/95 of 14 December 1990

The procedures for implementing regulations concerning computerized personal data


files are left to the initiative of each State subject to the following orientations:

A. PRINCIPLES CONCERNING THE MINIMUM GUARANTEES THAT


SHOULD BE PROVIDED IN NATIONAL LEGISLATIONS

1. Principle of lawfulness and fairness


Information about persons should not be collected or processed in unfair or unlawful
ways, nor should it be used for ends contrary to the purposes and principles of the
Charter of the United Nations.
2. Principle of accuracy
Persons responsible for the compilation of files or those responsible for keeping them
have an obligation to conduct regular checks on the accuracy and relevance of the data
recorded and to ensure that they are kept as complete as possible in order to avoid
errors of omission and that they are kept up to date regularly or when the information
contained in a file is used, as long as they are being processed.
3. Principle of the purpose-specification
The purpose which a file is to serve and its utilization in terms of that purpose should be
specified, legitimate and, when it is established, receive a certain amount of publicity or
be brought to the attention of the person concerned, in order to make it possible
subsequently to ensure that:
(a) All the personal data collected and recorded remain relevant and adequate to the
purposes so specified;
(b) None of the said personal data is used or disclosed, except with the consent of the
person concerned, for purposes incompatible with those specified;
(c) The period for which the personal data are kept does not exceed that which would
enable the achievement of the purposes so specified.
4. Principle of interested-person access
Everyone who offers proof of identity has the right to know whether information
concerning him is being processed and to obtain it in an intelligible form, without undue
delay or expense, and to have appropriate rectifications or erasures made in the case of
unlawful, unnecessary or inaccurate entries and, when it is being communicated, to be
informed of the addressees. Provision should be made for a remedy, if need be with the
supervisory authority specified in principle 8 below. The cost of any rectification shall be
borne by the person responsible for the file. It is desirable that the provisions of this
principle should apply to everyone, irrespective of nationality or place of residence.
5. Principle of non-discrimination
Subject to cases of exceptions restrictively envisaged under principle 6, data likely to
give rise to unlawful or arbitrary discrimination, including information on racial or ethnic
origin, colour, sex life, political opinions, religious, philosophical and other beliefs as well
as membership of an association or trade union, should not be compiled.
6. Power to make exceptions
Departures from principles 1 to 4 may be authorized only if they are necessary to
protect national security, public order, public health or morality, as well as, inter alia, the
rights and freedoms of others, especially persons being persecuted (humanitarian
clause) provided that such departures are expressly specified in a law or equivalent
regulation promulgated in accordance with the internal legal system which expressly
states their limits and sets forth appropriate safeguards.
Exceptions to principle 5 relating to the prohibition of discrimination, in addition to being
subject to the same safeguards as those prescribed for exceptions to principles I and 4,
may be authorized only within the limits prescribed by the International Bill of Human
Rights and the other relevant instruments in the field of protection of human rights and
the prevention of discrimination.
7. Principle of security
Appropriate measures should be taken to protect the files against both natural dangers,
such as accidental loss or destruction and human dangers, such as unauthorized
access, fraudulent misuse of data or contamination by computer viruses.
8. Supervision and sanctions
The law of every country shall designate the authority which, in accordance with its
domestic legal system, is to be responsible for supervising observance of the principles
set forth above. This authority shall offer guarantees of impartiality, independence vis-a-
vis persons or agencies responsible for processing and establishing data, and technical
competence. In the event of violation of the provisions of the national law implementing
the aforementioned principles, criminal or other penalties should be envisaged together
with the appropriate individual remedies.
9. Transborder data flows
When the legislation of two or more countries concerned by a transborder data flow
offers comparable safeguards for the protection of privacy, information should be able to
circulate as freely as inside each of the territories concerned. If there are no reciprocal
safeguards, limitations on such circulation may not be imposed unduly and only in so far
as the protection of privacy demands.
10. Field of application
The present principles should be made applicable, in the first instance, to all public and
private computerized files as well as, by means of optional extension and subject to
appropriate adjustments, to manual files. Special provision, also optional, might be
made to extend all or part of the principles to files on legal persons particularly when
they contain some information on individuals.

B. APPLICATION OF THE GUIDELINES TO PERSONAL DATA FILES


KEPT BY GOVERNMENTAL INTERNATIONAL ORGANIZATIONS
The present guidelines should apply to personal data files kept by governmental
international organizations, subject to any adjustments required to take account of any
differences that might exist between files for internal purposes such as those that
concern personnel management and files for external purposes concerning third parties
having relations with the organization.
Each organization should designate the authority statutorily competent to supervise the
observance of these guidelines.
Humanitarian clause: a derogation from these principles may be specifically provided for
when the purpose of the file is the protection of human rights and fundamental freedoms
of the individual concerned or humanitarian assistance.
A similar derogation should be provided in national legislation for governmental
international organizations whose headquarters agreement does not preclude the
implementation of the said national legislation as well as for non-governmental
international organizations to which this law is applicable.

© Copyright 1997 - 2000


Office of the United Nations High Commissioner for Human Rights
Geneva, Switzerland

You might also like