National data protection authority

There are several National data protection authorities across the world, tasked with protecting information privacy. In the European Union and the EFTA member countries, their status was formalized by the Data Protection Directive^[1] and they were involved in the Madrid Resolution.

This project is a part of the work of the International Law Commission of the United Nations.

Authorities by group of states[]

On the European level, it is the G29 and the European Data Protection Supervisor (EDPS). The process was backed in 2005 by the Council of Europe, during the World Summit on the Information Society (Tunis, November 2005), and in 2006/2007 within forums on Internet governance (Athens 2006, Rio 2007).
On 12 June 2007, OECD recommendation regarding "trans-frontier cooperation for legislations protecting privacy enforcement" was adopted. It aimed in particular to "improve national Privacy law enforcements so that national authorities can better cooperate with foreign authorities and put in place efficient international mechanisms to ease trans-frontier cooperation for legislations protecting privacy enforcement".
An Ibero-American network of data protection exists. In May 2008, during its 6th meeting, in Colombia, its declaration asking international conferences on data protection and privacy to "pursue their efforts, regardless of their geographical location, in order to adopt common legal instruments".
Another network is that of the Central and Eastern data protection authority (CEDPA). This network has expressed its will to pursue and strengthen its activities within the CEDPA, notably to elaborate common solutions and assist new members with the establishment of data protection legislation. That was during the June 2008 meeting in Poland.

List of national data protection authorities[]

European Economic Area[]

Austria: (German: Datenschutzbehörde)
Belgium: (Dutch: Gegevensbeschermingsautoriteit (GBA), French: Autorité de protection des données (APD), German: Datenschutzbehörde), also known as APD-GBA
Bulgaria: (Bulgarian: Комисия за защита на личните данни)
Cyprus: (Greek: Γραφείο Επιτρόπου Προστασίας Δεδομένων Προσωπικού Χαρακτήρα)
Czech Republic: Office for Personal Data Protection (Czech: Úřad pro ochranu osobních údajů (ÚOOÚ))
Denmark: Danish Data Protection Agency (Danish: Datatilsynet)
Estonia: (Estonian: Andmekaitse Inspektsioon)
Finland: (Finnish: Tietosuojavaltuutetun toimisto)
France: Commission nationale de l'informatique et des libertés (lit. 'National Commission on Informatics and Liberty'), also known as CNIL
Germany: Federal Commissioner for Data Protection and Freedom of Information (German: Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI))
- Note: Competent supervisory authorities for the enforcement of data protection in the private sector are the respective state authorities.^[2]
Greece: Hellenic Data Protection Authority (Greek: Αρχή Προστασίας Δεδομένων Προσωπικού Χαρακτήρα), also known as HDPA
Hungary: (Hungarian: Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH))
Iceland: (Icelandic: Persónuvernd)
Ireland: Data Protection Commissioner (Irish: An Coimisinéir Cosanta Sonraí), also known as DPC
Italy: (Italian: Garante per la Protezione dei Dati Personali), also known as Italian DPA
Latvia: (Latvian: Datu valsts inspekcija, Russian: Государственная инспекция данных)
Liechtenstein:
Lithuania: (Lithuanian: Valstybinė duomenų apsaugos inspekcija (VDAI))
Luxembourg: (German: Nationale Kommission für den Datenschutz, French: Commission nationale pour la protection des données), also known as CNPD
Malta: , also known as IDPC
Netherlands: Dutch Data Protection Authority (Dutch: Autoriteit Persoonsgegevens (AP))
Norway: Norwegian Data Protection Authority (Norwegian: Datatilsynet)
Poland: Polish Data Protection Commissioner (Polish: Urząd Ochrony Danych Osobowych (UODO))
Portugal: (Portuguese: Comissão Nacional de Proteção de Dados (CNPD)), also known as NCDP
Romania: (Romanian: Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal), also known as ANSPDCP
Slovakia: (Slovak: Úrad na ochranu osobných údajov Slovenskej republiky)
Slovenia: (Slovene: Republika Slovenija Informacijski pooblaščenec)
Spain: Spanish Data Protection Agency (Spanish: Agencia Española de Protección de Datos (AEPD))
- Andalusia: Transparency and Data Protection Council of Andalusia (Spanish: Consejo de Transparencia y Protección de Datos de Andalucía)
- Basque Country: (Basque: Datuak Babesteko Euskal Bulegoa, Spanish: Agencia Vasca de Protección de Datos)
- Catalonia: (Catalan: Autoritat Catalana de Protecció de Dades (APDCAT))
Sweden: Swedish Data Protection Authority (Swedish: Datainspektionen), also known as Swedish DPA
United Kingdom: Information Commissioner's Office, also known as ICO

Europe[]

Albania: Information and Data Protection Commissioner (IDP) (Komisionerit për të Drejtën e Informimit dhe Mbrojtjen e të Dhënave Personale (KDIMDP))
Andorra: (Catalan: Agència Andorrana de Protecció de Dades (APDA))
Croatia: (Croatian: Agencija za zaštitu osobnih podataka (AZOP))
Guernsey:
North Macedonia: (Macedonian: Дирекција за заштита на лични податоци)
Isle of Man: Office of the Data Protection Supervisor
Monaco: (lit. 'Personal Data Control Board'), also known as CCIN
Russia: Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications (Roskomnadzor)
Serbia: (Serbian: Повереник за информације од јавног значаја и заштиту података о личности)
Switzerland: Federal Data Protection and Information Commissioner (German: Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter (EDÖB), French: Préposé fédéral à la protection des données et à la transparence (PFPDT), Italian: Incaricato federale della protezione dei dati e della trasparenza (IFPDT)), also known as FDPIC
Turkey: Turkish Data Protection Authority (Turkish: Kişisel Verileri Koruma Kurumu (KVKK))
Ukraine: Ukrainian Parliament Commissioner for Human Rights (Ukrainian: Уповноважений Верховної Ради України з прав людини)

Africa[]

Angola: (Portuguese: Agência de Proteção de Dados), known as APD
Egypt: No national authority is responsible for data protection.
Ghana: Data Protection Commission
Morocco: (lit. 'National Commission for the Control of the Protection of Personal Data'), also known as CNDP
Mozambique: No national authority is responsible for data protection.
Nigeria: National Information Technology Development Agency (NITDA) and Nigerian Communications Commission (NCC) provide services regarding data protection.
South Africa: ^[3]
Tunisia: (French: Instance nationale de protection des données personnelles), known as INPDP
Zimbabwe: There is currently no data protection authority but the comments on the degree of protection of privacy from public bodies programs.

Asia[]

China: Cyberspace Administration of China (CAC)
Hong Kong: Office of the Privacy Commissioner for Personal Data (PCPD)
India: No national authority is responsible for data protection.
Indonesia: No national authority is responsible for data protection.
Israel: The Privacy Protection Authority (Hebrew: הרשות להגנת הפרטיות‎)
Japan: Personal Information Protection Commission
Kazakhstan: Data protection is regulated by the state.
Macau: , known as OPDP
Malaysia: There is a Personal Data Protection Commissioner
Pakistan: No national authority is responsible for data protection.
Philippines: National Privacy Commission
Qatar:
Saudi Arabia: No national authority is responsible for data protection.
Singapore: A Personal Data Protection Commission is created following the Personal Data Protection Act 2012 (Singapore)
South Korea: Korea Communications Commission
Taiwan: No national authority is responsible for data protection.
Thailand: Office of the Personal Data Protection Committee
Turkmenistan: No national authority is responsible for data protection.
Uzbekistan: Regulators for data protection are sector-specific.

Oceania[]

Australia: Office of the Australian Information Commissioner
New Zealand: Privacy Commissioner (New Zealand)

North America[]

Canada: Office of the Privacy Commissioner of Canada (French: Commissariat à la protection de la vie privée du Canada)
Mexico: (Spanish: Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI))
USA: There is no single national authority.

South America[]

Argentina: Dirección Nacional de Protección de Datos Personales (lit. 'National Directorate for Personal Data Protection'), known as PDP
Bolivia: No national authority is responsible for data protection.
Brazil: National Data Protection Authority (ANPD)^[4]
Chile: There is no dedicated authority.
Colombia: Superintendency of Industry and Commerce (SIC)
Costa Rica: (Spanish: Agencia de Protección de datos de los Habitantes), known as PRODHAB
Dominican Republic: No national authority is responsible for data protection.
Honduras: (Spanish: Registro Nacional de las Personas)^[5] and (Spanish: Instituto Acceso Informacion Publica)^[6]
Panama: No national authority is responsible for data protection.
Peru: (lit. 'Ministry of Justice and Human Rights')
Venezuela: No national authority is responsible for data protection.

References[]

^ Article 28 of EU directive 95/46/EC
^ "Datenschutzaufsichtsbehörden für den nicht-öffentlichen Bereich". www.ldi.nrw.de. Retrieved Oct 15, 2020.
^ https://www.justice.gov.za/inforeg/
^ "Brazil's Temer creates data protection agency - official gazette". Reuters. 2018-12-28. Retrieved 2018-12-28.
^ http://www.rnp.hn
^ http://www.iaip.gob.hn

External links[]

[1] Article 28 of EU directive 95/46/EC

[2] "Datenschutzaufsichtsbehörden für den nicht-öffentlichen Bereich". www.ldi.nrw.de. Retrieved Oct 15, 2020.

[3] ttps://www.justice.gov.za/inforeg/

[4] "Brazil's Temer creates data protection agency - official gazette". Reuters. 2018-12-28. Retrieved 2018-12-28.

[5] ttp://www.rnp.hn

[6] ttp://www.iaip.gob.hn

[1]

[2]

[3]

[4]

[5]

[6]

hide v t Privacy
Principles	Expectation of privacy Right to privacy Right to be forgotten Post-mortem privacy
Privacy laws	Australia Canada Denmark England European Union Germany Ghana New Zealand Singapore Switzerland United States
Data protection authorities	Australia Denmark European Union France Germany Ireland Isle of Man Norway Philippines Poland Spain Sweden Switzerland Turkey Thailand United Kingdom
Areas	Consumer Medical Workplace
Information privacy	Law Financial Internet Personal data Personal identifier Privacy-enhancing technologies Social networking services Privacy engineering Secret ballot
Advocacy organizations	American Civil Liberties Union Center for Democracy and Technology Computer Professionals for Social Responsibility Future of Privacy Forum Electronic Privacy Information Center Electronic Frontier Foundation European Digital Rights Global Network Initiative International Association of Privacy Professionals NOYB Privacy International
See also	Anonymity Carding Cellphone surveillance Cyberstalking Data security Eavesdropping Global surveillance Electronic harassment Mass surveillance Privacy engineering Telephone tapping Human rights Identity theft Panopticon Personality rights Search warrant