Privacy & Information Security Law Blog

On September 30, 2013, Hunton & Williams LLP hosted representatives from the U.S. Department of Commerce for a timely discussion of the Safe Harbor Framework, the Asia-Pacific Economic Cooperation (“APEC”) Cross-Border Privacy Rules System (“CBPRs”), and the Transatlantic Trade and Investment Partnership (“TTIP”) negotiations. The panel also addressed the development of privacy codes of conduct and privacy legislation being developed by the Department of Commerce.

Moderated by Lisa Sotto, partner and head of the Global Privacy and Cybersecurity Practice at Hunton & Williams LLP, the panel featured:

• Joshua Harris, Vice Chair of the APEC Data Privacy Subgroup and Chair of the APEC CBPRs Joint Oversight Panel; and
• Caitlin Fennessy, ITA’s leading expert on the proposed amendments to the EU’s privacy Regulation and co-administrator of the Safe Harbor Framework.

Speaking about the 35th International Conference of Data Protection and Privacy Commissioners, which took place on September 23 and 24, 2013, in Warsaw, Poland, Ms. Fennessy noted that there seemed to be a great deal of energy and interest regarding transborder data flows and the future of the Safe Harbor Framework. She underscored the importance of the framework to transatlantic trade, and indicated that the Department of Commerce is taking EU member countries’ concerns – including Germany’s recent comments about suspending Safe Harbor-based data transfers – very seriously. Fennessy also referenced the ITA’s April 2013 “clarification” document, which reiterates that the Safe Harbor Framework applies in the cloud computing context.

Mr. Harris addressed issues related to APEC’s Cross-Border Privacy Rules System, a voluntary program based on the APEC Privacy Framework that is designed to promote interoperability across data privacy regimes. He remarked on the continuing cooperation between the EU and APEC on cross-border data transfers, and addressed upcoming discussions (including a November meeting in Brussels) that aim to increase interoperability among the various stakeholder jurisdictions. Harris also mentioned that he and Ms. Fennessy are working to make sure core concepts such as interoperability are included in TTIP documents.

With respect to domestic privacy concerns, Fennessy and Harris discussed the Commerce Department’s coordination with the Federal Trade Commission, and highlighted the multistakeholder process and resulting code of conduct on mobile application transparency. With respect to future privacy legislation, Fennessy commented that future legislative initiatives by the Obama Administration likely will focus on filling existing gaps in the current privacy framework.