Privacy & Cybersecurity Law Blog

On July 26, 2012, acting U.S. Secretary of Commerce Rebecca Blank announced that APEC’s Joint Oversight Panel has approved the United States’ request to participate in the APEC Cross-Border Privacy Rules System. The panel also approved the Federal Trade Commission’s participation as the system’s first privacy enforcement authority. The next step will be for the United States to nominate one or more accountability agents for the panel’s approval. Accordingly, the Department of Commerce will publish a Federal Register Notice in the coming days to provide guidance on how potential accountability agents may seek recognition. Once a U.S. accountability agent has been approved, American companies will be able to submit their cross-border privacy rules to be recognized as meeting the APEC standard.

Acting Secretary Blank said, “U.S. participation in APEC’s Cross Border Privacy Rules system is a significant milestone in international data protection and is an important step in the implementation of the global privacy strategy outlined in the Obama administration’s February 2012 Data Privacy Blueprint.”

On July 12, 2012, the Mexico Ministry of Economy announced that it would request approval for participation in the system, and APEC has entered into discussions with the EU’s Article 29 Working Party regarding interoperability between cross-border privacy rules and European binding corporate rules. It is expected that Japan also will request recognition in the near future, and that TRUSTe will seek recognition as a privacy enforcement authority.

As we previously reported, the Centre for Information Policy Leadership at Hunton & Williams LLP has actively participated in the development of the Cross-Border Privacy Rules System.