Part 3. Core International Data Protection Principles: Openness 

Accountability, collection limitation, purpose specification, use limitation, security, data quality, access and correction, and openness – these are all core principles of data protection that are so fundamental, they are internationally recognised.

Let’s start with Openness. Data controllers must always be open and transparent with respect to their developments, practices, and policies for personal data processing.  Data subjects, individuals, should be able to easily obtain information related to the nature and existence of their personal data as well as the main purposes of their processing and the identity and contact information of the data controller.

Openness is a prerequisite for the principle of access and correction and can generally be achieved by way of the publication of a privacy policy.  Data controllers must:

1. share information related to processing activities being carried out,
2. inform the data subject of whether/how their data will be shared with other entities or transferred different countries,
3. inform data subjects before processing takes place,
4. never process data covertly unless permitted by law

and data subjects must have the choice to object to such activities.

Openness is an extremely important principle in the Smart Data environment where processing may take place without the data subjects being effectively informed and without having the possibility to notice them.