For several decades, the OECD has been playing an important role in promoting respect for privacy as a fundamental value and a condition for the free flow of personal data across borders. 

The OECD’s Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data (the "Privacy Guidelines") are the cornerstone of the OECD’s work on privacy. They are recognised as the global minimum standard for privacy and data protection.

The Privacy Guidelines were launched in 1980 and revised in 2013. The revised text modernised the OECD approach and reinforced its integration with other work on privacy law enforcement co-operation. 

In 2021, the OECD concluded its second review of the implementation of the Privacy Guidelines. The review was developed in consultation with an advisory group of over 60 experts from governments, business, civil society and academia. The group was co-chaired by Ms. Jennifer Stoddart (former Privacy Commissioner of Canada and current strategic advisor at Fasken) and Mr. Gwendal Le Grand (Deputy-Secretary General of the Commission nationale de l’informatique et des libertés, CNIL).

The Privacy Guidelines remain a solid foundation for building effective protection and trust for individuals, but also for developing common international approaches to transborder data flows. Nonetheless, a number of significant challenges in implementing the Privacy Guidelines have been identified, especially against the backdrop of technological developments. In the wake of the COVID-19 crisis, calls have thus intensified for the OECD to champion a holistic approach to privacy and data protection practices, i.e. an approach that takes into account multiple societal objectives including the collective and ethical dimensions of personal data processing.

The OECD is therefore continuing to work with countries and experts to scope developments and provide practical recommendations on the implementation of the Privacy Guidelines in today’s digital environment.

Related documents

• The OECD Privacy Framework booklet brings together the key components of the OECD privacy framework, along with supplementary documentation to provide context and explanation, including:
  • Supplementary Explanatory Memorandum to the revised Privacy Guidelines (2013)
  • The original Explanatory Memorandum to the OECD Privacy Guidelines (1980)
  • A report on “The Evolving Privacy Landscape: 30 years after the OECD Privacy Guidelines” (2011)
  • Recommendation of the OECD Council on Cross-border Co-operation in the Enforcement of Laws Protecting Privacy (2007)
  • Report on the Implementation of the 2007 OECD Recommendation on Privacy Law Enforcement Co-operation (2011) 
• The report by the privacy expert group on the first review of the Privacy Guidelines, concluded in 2013, can be found here.
• The report on the second review of the Privacy Guidelines, concluded in 2021, can be found here.
• OECD Legal Instruments provide a number of OECD’s recommendations including the Privacy Guidelines as revised in 2013. The original 1980 version can be found here.

related PRIVACY WORK

• Children in the digital environment
• OECD guidelines for cryptography policy
• Internet policy and governance
• Recommendation of the OECD Council on Enhancing Access to and Sharing of Data
• Data localisation trends and challenges: Considerations for the review of the Privacy Guidelines
• Transparency reporting: Considerations for the review of the privacy guidelines
• Promoting comparability in personal data breach notification reporting
• Interoperability of privacy and data protection frameworks
• Privacy enforcement co-operation
• Digital identity and electronic authentication

see also

• OECD Going Digital project