Over the last three weeks, privacy-focused events in China, South Korea and Singapore have highlighted the growing momentum of APEC’s Cross Border Privacy Rules (CBPR) system in the region.
- On June 29, China’s Ministry of Commerce, Foreign Ministry, General Administration of Customs and the China International Electronic Commerce Centre (CIECC) hosted the 6th APEC E-Commerce Business Alliance (ECBA) Forum in Jinjiang, Fujian province, China. The U.S. representatives to the ECBA are TRUSTe’s Director of Policy, Josh Harris, Markus Heyder, Vice-President of the Centre for Information Policy Leadership and Manuel Maisog, partner at Hunton & Williams, Beijing. In his keynote address, APEC Secretariat Executive Director Alan Bollard emphasized the regional economic benefits to the free flow of data and encouraged government officials in attendance to join the CBPR system. At the closing of the forum, the ECBA released the Jinjiang Proposal, as drafted by ECBA members, which encouraged all APEC economies to participate in the CBPR system.
- On July 13, the Korea Internet and Security Agency (KISA) hosted the 5th International Conference on Information Security in Seoul, South Korea where TRUSTe Policy Director Josh Harris and Professor Choi Kyoung Jin of Gachon University discussed the potential implementation of the CBPR system in South Korea.
- On July 18, the Centre for Information Policy Leadership along with the Asia Pacific Economic Cooperation hosted a joint workshop, “Enabling Legal Compliance and Cross-Border Data Transfers with the APEC Cross-Border Privacy Rules (CBPR)” in Singapore. CBPR-certified companies, including Apple, Cisco, HP and Merck along with TRUSTe joined Singapore’s Assistant Privacy Commissioner Zee Kin Yeong in discussing the advancement of the regional system.
- Finally, on July 19, the International Association of Privacy Professionals hosted the IAPP Asia Privacy Forum 2016 in Singapore. Panel discussions included “Preparing for and Executing CBPRs”, moderated by Ken Chia, Principal, Baker & McKenzie. Panelists included Grace Guinto, Digital Trust Manager at PwC, Australia, Professor Hiroshi Miyashita, Chuo University and New Zealand Assistant Privacy Commissioner Blair Stewart.
The increased focus on CBPRs in Asia comes as Japan recently put forward JIPDEC as the country’s first ‘Accountability Agent’ under the CBPR system. Japan’s Ministry of Economy Trade and Industry has confirmed that CBPR-certification will serve as a basis for transfer of personal data out of Japan under the implementing guidelines for Japan’s recently-reformed privacy law. TRUSTe has been an APEC-endorsed Accountability Agent since 2013. More information on CBPRs can be found at https://www.truste.com/business-products/apec-accountability/.