Terms of reference

Home / About the network / Terms of reference



  • Abiding by the Charter of the Commonwealth;
  • Recognizing that online business and trade has developed rapidly in the digital age and the Commonwealth should be at the forefront of such developments;
  • Recognizing that Commonwealth citizens are already participating actively in this increasingly globalized world through a variety of digital means which have significant economic and social benefits;
  • Recognizing that modern commerce and consumer activity increasingly relies on the seamless flow of personal information across borders;
  • Recognizing that privacy is a fundamental human right, a building block of any democratic society and an essential pillar in the new information economy;
  • Recognizing that more extensive and innovative uses of personal data bring greater economic and social benefits, but also increase privacy risks;
  • Recognizing that information networks closely connect people and organisations across all Commonwealth member countries regardless of physical borders and differing laws;
  • Recognizing that Commonwealth members have a common interest in promoting and protecting the fundamental values of privacy and the global free flow of information;
  • Recognizing that at a meeting between the data protection and privacy enforcement authorities of the Commonwealth countries in Warsaw in 2013 on the margins of the International Conference of Data Protection and Privacy Commissioners, an agreement in principle was made to establish more regular and formal contacts in a network;
  • Recognizing the activities undertaken by the Co-chairs in Canada (OPC) and the United Kingdom (ICO) to establish the Network since 2013, including the activities undertaken to establish an ongoing relationship between the Network and the Commonwealth Telecommunications Organisation; and
  • Reiterating the resolution of the Commonwealth Heads of Government in their Communiqué following the 2015 meeting in Malta, to encourage the development of practical networks that facilitate the sharing of information and building of capacity in the areas of privacy and data protection.

The undersigned agree to the following:

1. Organisation

There shall be established an association known as the Common Thread Network.

2. Mission

The Common Thread Network is a data protection and privacy working group of Commonwealth countries. It provides a network for data protection authorities and relevant government officials who are tasked with developing data protection and privacy law and regulation, as well as regional Commonwealth organizations or associations aiming to promote data and/or privacy protection to share knowledge, experiences and good practices in order to contribute to the development of a global privacy framework and to foster capacity building in that regard.

3. Mandate

The Common Thread Network’s mandate is to:

  • Build member states’ capacity to promote and apply data and privacy protection measures.
  • Represent a privacy expertise hub for Commonwealth states and privacy professionals.
  • Foster the sharing of knowledge, capacity building and good practices.
  • Cooperate with other organizations and associations to promote personal data and privacy protection.
  • Support joint enforcement initiatives and awareness campaigns

Membership does not provide any kind of legal basis for transfer of personal data nor does it provide any kind of legal framework for resolving complaints relating to the processing of personal data. Members and Observer Members shall make their own separate arrangements outside of this Network, in accordance with their national applicable laws, for the aforementioned activities.

4. Membership

All Member States of the Commonwealth of Nations are entitled, upon acceptance of their application, to participate as Members of the Common Thread Network, through their data protection authorities. However, on the date on which any State ceases to be a Member of the Commonwealth of Nations, it shall cease to be so entitled.

Other entities, the functions and activities of which are compatible with the mission and mandate of the Common Thread Network may become Common Thread Network Observer Members. Observer Members may include:

  • representatives of governments with no data protection authority currently in place, but with data protection legislation or policy under development;
  • regional Commonwealth organizations or associations; and
  • civil society partners, including international and regional agencies, academic institutions and other organisations with a clear mandate for work in the field of developing data and privacy protection legal and regulatory frameworks.

The Common Thread Network will consider applications from other interest groups on a case-by-case basis through a process of consultation with the Network’s membership to be defined by the Chair(s) of the Network,

Members and Observer Members are responsible for ensuring that their participation in the Common Thread Network’s activities complies with their local applicable laws.

Participation as a Member or Observer Member in the Network and any of its individual activities is entirely voluntary, but participants shall make their best efforts to cooperate with each other.

Any misconduct will be considered in accordance with the provision on ‘Termination of Membership’ in this Terms of Reference.

5. Submission of Membership Application

Interested entities should submit a declaration of their interest to become a Member or Observer Member to the Secretariat of the Common Thread Network.

All prospective Members will be required to:

  1. identify the name of the authority and the country in which it is located, and indicate its status as a public authority;
  2. Indicate the legal instrument regulating data protection and privacy of the country;

All prospective Observer Members will be required to:

  1. identify the name of the entity and the country in which it is located;
  2. provide the details of the mandate for work in the field of developing data and privacy protection legal and regulatory frameworks;

All prospective Members and Observer Members will be required to:

  1. Confirm that they agree to abide by the Terms of Reference of the Common Thread Network.
  2. Designate a contact for involvement in the Common Thread Network activities. This may be more than one person, while making it clear for which activities each nominated person should be the contact.

6. Termination of membership

Any Member or Observer Member wishing to terminate their membership to the Network should indicate their wish in writing to the Chair(s), giving 30 days’ notice.

Any matter of misconduct by any Member or Observer Member in relation to their activity within the Common Thread Network will be considered by the Chair(s) with consultation where relevant with the membership. A summary report on the outcome of this consideration will be submitted to the membership which should include a decision on whether to continue to allow that Member or Observer Member to remain a part of the Network.

7. Meeting procedures

7.1 Annual General Meeting

  • Members of the Common Thread Network are to hold an Annual General Meeting to define the Network’s direction.
  • Members will receive advance notice of the meeting and related materials in sufficient time to adequately prepare for the meeting.
  • The Chair(s) will draft the agenda in consultation with Members of the Common Thread Network.
  • At the Annual General Meeting Members shall also, by means of a vote by simple majority:
    • Determine the direction and strategies of the Common Thread;
    • Approve the agenda and the minutes of the Annual General Meeting;
    • Agree to the Common Thread Annual Workplan;
    • Establish working groups and committees as appropriate;
    • Approve a Year-End Summary of Activities;
    • Approve reports from the Chair(s), working groups and committees which may be produced on an ad-hoc basis;
    • Issue internal member communications and external public-facing statements on matters relevant to Common Thread Network Members’ responsibilities in data protection and privacy;
    • Establish a schedule for recurrent Members’ meetings between Annual General Meetings;
    • Amend, as necessary, these Terms of Reference
    • Elect the Chair(s) and the Secretariat for a period of three years; and
    • Perform such other tasks as are necessary for the fulfilment of the Common Thread’s mission and mandate.
  • Minutes of the Annual General Meeting will be prepared by the Secretariat under the direction of the Chair(s); the Secretariat will endeavour to circulate the minutes, along with other records presented at the Annual General Meeting, to Members and Member Observers within a reasonable time after the Annual General Meeting.
  • A quorum for any Annual General Meeting of the Network shall be 51% of Members. If the quorum cannot be present at the Annual General Meeting, the Chair(s) may request a vote by Members in advance of the Meeting, whose result should be announced to the Members at the meeting and recorded in the minutes.
  • Decisions shall be made by consensus. Where consensus cannot be reached, decisions will be based on a majority of the votes cast.
  • Each Member has the right to vote on matters presented at the Annual Meeting of the Network. Each Member has one vote at the Annual General Meeting. Where appropriate, Members absent from the meeting can submit their vote in written electronic form before the Annual General Meeting by arrangement with the Secretariat.
  • Observer Members are invited to attend and participate during the Annual General Meeting, but do not have the right to vote.

7.2 Ad-Hoc Meetings

  • The Chair(s) may, in consultation with or at the request of the Members, convene ad hoc meetings of the Network on reasonable notice.
  • The meeting procedures described in 7.1 also apply to ad hoc meetings.

8. Chair(s)

The Common Thread Network is to have a Chair and a Deputy Chair, or two co-Chairs, elected amongst its Members, to lead its activities.

The Chair(s) will have a three-year term in office, which is renewable.

The role of the Chair(s) is to:

  • Provide leadership and coordination in the development of the Network’s projects and the achievement of its goals;
  • Support the Members, notably by making recommendations concerning the Common Thread’s strategies and policies;
  • Chair the Annual General Meeting and ensure that decisions of the Annual General Meeting are enforced and any required follow-up is done;
  • Where warranted, issue communications on behalf of the Members in the name of the Common Thread Network;
  • Plan and manage Members’ meetings in consultation with the Secretariat; chair the Members’ meetings wherever feasible;
  • Have an overview of the Working Groups’ activities, ensuring that Coordinators of the Working Groups report back on their activities on a regular basis, and;
  • Promote the work of the Common Thread Network.

The role of the Deputy Chair is to provide support to the function of the Chair.

9. Secretariat

The Common Thread Network may have, elected from amongst its Members, a Secretariat to assist in its activities.

The role of the Secretariat is broadly to:

  • Act as contact point for Common Thread Members or Observer Members, Working Groups and other interested parties regarding Common Thread activities, project and initiatives;
  • Provide assistance and advice to the Chair(s) and the Members or Observer Members regarding the Network’s initiatives and projects;
  • Play a general coordination role with regard to Common Thread activities and communications, including:
    • Keep the Common Thread membership up-to-date, and maintain an up-to-date contact mailing list;
    • Organize teleconferences and in-person meetings;
    • Take minutes at meetings;
    • Keep a record of meeting minutes;
    • Draft, send, receive and manage invitations for Common Thread activities in liaison with the Chair(s), including but not limited to teleconferences and in-person meetings;
    • Draft the Year-End Summary of Activities in liaison with the Chair(s) and the Members and Observer Members; and,
    • Assist the Network – Members and Chair(s) – with the development of the agenda for activities.
  • Compile and share all Common Thread related communications with the Chair(s); furthermore, share Members’ communications directed to the Common Thread Network with the Chair(s) and where relevant and/or appropriate, with the Members of the Network;
  • Draft an initial version of Common Thread communications, for approval by the Chair(s).
  • Further detail on the role of the Secretariat shall be developed in the Terms to be agreed between the Chair(s) and the Secretariat. A report on developments relating to this matter shall be submitted by the Chair(s) to the Annual General Meeting.

10. Costs

Members and Observer Members bear their own costs for participation in the activities of the Common Thread Network’s activities. Members or Observer Members may make an arrangement with the Chair(s) for a contribution to specific running costs for the Network, upon agreement of the Membership of the Network.

11. Confidentiality

Members and Observer Members of the Common Thread Network will exercise discretion with regards to any information that is discussed or any document that is circulated in the context of the activities of the Network.

12. Amendments and Modifications

These Terms of Reference may be amended or modified in writing after consultation with Members and a vote of approval by a simple majority of Members.


Australian Information Commissioner
Commissioner for Privacy and Data Protection of Victoria, Australia
Data Protection Commissioner of the Bahamas
Director of the Department of E-Commerce of the Government of Bermuda
Privacy Commissioner of Canada
Information and Privacy Commissioner of British Columbia, Canada
Information and Privacy Commissioner of Nova Scotia, Canada
Information and Privacy Commissioner of the Yukon, Canada
Information Commissioner, Cayman Islands
Data Protection Commission, Ghana
Data Protection Commissioner, Gibraltar
Data Security Council of India
Isle of Man Information Commissioner
Information and Data Protection Commissioner of Malta
Data Protection Commissioner of Mauritius
Privacy Commissioner of New Zealand
Ministry of Science and Technology, Trinidad and Tobago
Information Commissioner of the United Kingdom


As agreed on 18 October 2016.