Privacy Law at Papua New Guinea
Papua New Guinea (PNG) is in the process of establishing a comprehensive data protection and governance framework. While a general personal data protection law is not yet in effect, significant steps have been taken toward creating a robust legal and regulatory environment for data privacy.
Legal Framework
1. National Data Governance and Protection Policy (2024)
PNG's Department of Information and Communications Technology (DICT) has finalized the National Data Governance and Protection Policy, which is awaiting endorsement by a ministerial committee before proceeding to Cabinet for approval. This policy aims to:
Define clear principles and standards for data governance and protection, Implement robust mechanisms to safeguard privacy, confidentiality, and data integrity. Foster accountability and transparency in data handling practice. Encourage responsible data sharing among government agencies, businesses, and stakeholder. Promote data literacy and awareness among citizens and organization. Align with international standards to enhance PNG's competitiveness in the global digital economy.
2. Cybercrime Code Act 2016
The Cybercrime Code Act 2016 addresses aspects of cybersecurity and data protection, including provisions related to unauthorized access to data and system. While it does not serve as a comprehensive data protection law, it contributes to the legal framework governing digital activities in PN.
3. Protection of Private Communications Act 1973
The Protection of Private Communications Act 1973 provides protection for private communications, defining the circumstances under which communications may be intercepted and the use of information obtained through such interception. It establishes penalties for unauthorized interception and outlines conditions under which interceptions may be legally conducte.
🏛️ Regulatory Oversight
Currently, PNG does not have a dedicated data protection authority The DICT is responsible for overseeing the implementation of the National Data Governance and Protection Policy and coordinating efforts related to data governance and protection.
⚖️ Enforcement and Penalties
While specific penalties related to the National Data Governance and Protection Policy are not detailed, the policy emphasizes the importance of compliance with data protection principles and standards Enforcement mechanisms are expected to be established upon the policy's formal adoption and implementation.
🌐 International Engagement
PNG is actively engaging in international discussions on data protection and privacy. The country participated in the Global Cross-Border Privacy Rules (CBPR) Forum held in Tokyo in May 2024, assessing its domestic interoperability mechanisms and exploring opportunities for international cooperation in data privacy and security.
🧭 Summary
Papua New Guinea is in the process of implementing a comprehensive data protection and governance framework. The finalized National Data Governance and Protection Policy sets the foundation for responsible data handling practices, while existing laws like the Cybercrime Code Act 2016 and the Protection of Private Communications Act 1973 address specific aspects of data protection. The DICT is leading efforts to establish regulatory oversight, and PNG is actively participating in international discussions to align with global data protection standards.
RELATED Blog
0 comments