RightsCon Toronto 2018

How are telecommunications companies around the world collecting, storing, and sharing customer information? What can customers learn about telecom data handling practices through personal data access requests?

Access My Info (AMI) is a project that seeks answers to these questions through the combination of novel research methods, a web tool, and advocacy strategies.

From its beginnings in Canada, the project expanded to a comparative study of data protection laws and data request responses in jurisdictions across Asia including Australia, Hong Kong, Indonesia, Korea, and Malaysia conducted by a network of researchers and legal advocates. Each network partner sent personal data requests to telecommunication companies and Internet Service Providers (ISPs) in their respective jurisdictions to better understand the type of data these companies collect on their customers, how long this data is retained for, and if it is shared with third-parties. Asia is a particularly interesting region to conduct this study because it includes countries with strong personal data access laws, those with none, and those which are in the process of establishing data protection legislation.

Data protection is a dynamic legal space and there are important contextual and legal differences between the jurisdictions we studied. Despite these differences, overall we found the responses from telcos to be incomplete and inconsistent, and in some cases not in compliance with legal requirements. Generally, across jurisdictions telecoms and ISPs have yet to develop a mature process to fulsomely handle citizens’ and residents’ requests for personal data. These results show a disconnect between law in theory and how the law works in practice to protect personal data.

Through a panel with the project partners, this session will present findings from our comparative study and engage the audience in a discussion of what is or should be personal data, its protection and the future of an economy based on data driven innovation.