ABSTRACT
The UN Guidelines on Personal Data Regulation of 1990 did not exert a significant direct commanding impact when adopted and remain only soft law. Nevertheless, they were the first to focus on international organisations and, most especially, those with a humanitarian purpose, and remain of high normative significance in this context. Firstly, the Guidelines set out a structure under which governmental international organisations might retain significant autonomy in data protection whilst adhering to a set of broadly framed data protection principles. Second, and even more significantly, they set out an expectation that humanitarian international organisations, even if non-governmental, should benefit from wide derogations which safeguard this vital activity. This focus reflects most especially the advocacy of the UN High Commissioner for Refugees and Amnesty International and the norm entrepreneurship and strategic position of Louis Joinet as Special Rapporteur. The impact of the Guidelines in this area can be discerned in the approach of both the UN High Commissioner for Refugees and the International Committee of the Red Cross today and has also exerted some impact on local law, including the European Union's General Data Protection Regulation.
