Privacy & Cybersecurity Law Blog

On November 13, 2011, Asia-Pacific Economic Cooperation (“APEC”) leaders endorsed the APEC Cross-Border Privacy Rules (“CBPRs”) system at an APEC meeting in Honolulu, Hawaii. The Leaders’ Statement also endorsed interoperability between national and regional privacy and data protection regimes to facilitate moving data around the globe while protecting privacy.

Earlier last week, APEC foreign and trade ministers issued a statement endorsing not only the cross-border privacy rules, but also the broader APEC Privacy Framework of which CBPRs form an integral part.

“Implementing the APEC Privacy Framework through Cross Border Privacy Rules enables greater information flows that support innovation and promote interoperability across global data privacy regimes, while enhancing data privacy practices; facilitating regulatory cooperation; and enabling greater accountability through the use of common principles, coordinated legal approaches, and accountability agents.”

The Statement further endorsed the principal documents of the APEC Data Privacy Pathfinder, which promote “regional economic integration, regulatory cooperation, and cross-border trade.” The endorsement of interoperability by APEC leaders and ministers opens the door for APEC constituent economies and the European Commission to discuss how to link CBPRs and EU Binding Corporate Rules.

When the APEC meetings move to Russia in 2012, the APEC Data Privacy Subgroup will begin to develop the structure for implementation of the CBPRs so they may be used by businesses and APEC economies in the Asia-Pacific region.

The Centre for Information Policy Leadership, which was among the earliest participants in the development of the APEC Privacy Framework, has been an active participant in the APEC Data Privacy Subgroup and has promoted, with the International Chamber of Commerce, concepts of interoperability.