The OECD Committee on Digital Economy Policy (CDEP) held a special meeting on June 8 to consider a second update on the work of an informal drafting group on government access to personal data held by the private sector. The drafting group includes fifty-four representatives from twenty-three OECD Member countries and the European Union.
According to USCIB Vice President for ICT Policy Barbara Wanner, the drafting group met in June 2021 with the goal of finalizing the principles, which would be presented as a recommendation to the OECD Council. The goal was to secure final adoption of the principles at the OECD Ministerial Council Meeting (MCM) in October 2021. A MCM-approved Council Recommendation, in turn, would be embodied in an OECD legal instrument.
The June 8 proposal put forward by OECD asked CDEP members to consider two options. The first option would call for a broad commitment applicable to all types of government access for the purposes of law enforcement and national security, and includes seven draft principles as applicable to “obliged access” for the purposes of law enforcement and national security. “Obliged access” is defined to mean government-imposed obligations – whether lawful or de-facto – on private sector entities to knowingly provide access to personal data.
The governments of Australia, Canada, Japan, the United Kingdom and the United States urged pursuit of this option because the work to date on “obliged access” has been valuable and should be preserved for timely OECD action. The U.S. government also noted the need for common understanding on these principles to improve data free flows with trust and, in turn, facilitate cross-border data flows and commercial, economic activity.
Intervening for Business at OECD (BIAC), Norman Barbosa (Microsoft) further underscored the need for prompt action on the two-track approach to address with urgency the causes of the immediate trust deficit that is critical to promoting a strong and resilient global economy recovery.
The second option, supported by the European Union and several of its Member nations, would take place over a longer timeframe, aimed at giving the CDEP more time to develop draft principles with a broader scope to cover all methods of government access. The EU representative argued that the current draft does not provide enough detail concerning safeguards for certain types of government access to data so more time and deliberations are needed to flesh out details that would provide needed safeguards.
“To the acute disappointment of USCIB/BIAC members, CDEP members could not reach a consensus of whether to pursue option one or two,” said Wanner. “The OECD Secretariat made clear that it did not have sufficient resources allocated to continue this work. Thus, the CDEP Secretariat proposed ‘pushing the pause button’ and reconsidering at the November 2021 CDEP meeting how the committee might continue this work as part of the next PWB cycle.”
If you would be interested in becoming involved in the special USCIB/BIAC drafting group on government access to data held by the private sector, please contact me (firstname.lastname@example.org).