Over the last three weeks, privacy-focused events in China, South Korea and Singapore have highlighted the growing momentum of APEC’s Cross Border Privacy Rules (CBPR) system in the region. On June 29, China’s Ministry of Commerce, Foreign Ministry, General Administration of Customs and the China International Electronic Commerce Centre (CIECC) hosted the 6th APEC E-Commerce Business Alliance (ECBA) Forum in Jinjiang, Fujian province, China. The U.S. representatives to the ECBA are TRUSTe’s Director of Policy, Josh Harris, Markus Heyder, Vice-President of the Centre for Information Policy Leadership and Manuel Maisog, partner at Hunton & Williams, Beijing. In his keynote address, APEC Secretariat Executive Director Alan Bollard … Continue reading APEC Cross Border Privacy Rules Advancing in Asia
If you missed today’s webinar covering solutions for Cross Border Data Transfers, the short clip below will give you an idea of just some of the material covered. Speakers were Hilary Wandall, AVP Compliance & Chief Privacy Officer at Merck & Co., Inc.; Josh Harris, Director of Policy at TRUSTe, and Melinda Claybaugh, Counsel for International Consumer Protection, Federal Trade Commission. To download the full webinar, click here. Click here for a clip of the webinar.
For the first time, the White House has called out the APEC-EU privacy interoperability project as one of its key initiatives APEC member economies will prioritize in order to enhance regional economic integration for the Asia Pacific region, wrote TRUSTe’s Director of Policy Josh Harris in an article for The Privacy Advisor. The goal of the interoperability project is to provide a dual-certification approach to streamline global privacy practices without duplicating efforts – something that will appeal to many companies. It would establish mechanisms to facilitate a company’s simultaneous participation in the Cross Border Privacy Rules and Binding Corporate Rules … Continue reading White House Steps Up APEC-EU Interoperability Push
By Josh Harris, Director of Policy Earlier today (Sept. 3), Japan’s Diet passed an amendment to the “Act on the Protection of Personal Information,” which has been in effect since April 2005. Under the amendment, which goes into effect in January 2016, Japan will establish a Personal Information Protection Commission. The Commission will be established as an independent authority in attempt to bolster Japan’s expected request for a determination of adequacy by the European Commission. In addition, Article 24 of the amended law imposes restrictions on the transfer of personal information of Japanese citizens to third parties in foreign countries. Exemptions to … Continue reading Japan Amends Data Privacy Law & Proposed Implementing Regs Endorse CBPRs as Route to Compliance
Today, Canada announced that it has formally joined to APEC’s Cross-Border Privacy Rules (CBPR) system. Canada is the fourth member economy to sign on to the system, which facilitates cross-border data flows in the APEC region. So far, the U.S., Mexico and Japan have joined the voluntary CBPR system.
APEC originally began in 1989 to promote free trade throughout the region and includes 21 member economies in the Pacific Rim. APEC leaders saw the need to create rules to govern data transfers across borders.
The Cross-Border Data Privacy Rules system was developed by APEC economies in consultation with industry, academia and civil society to build consumer, business and regulator trust in cross-border flows of personal information. In order for business in participating economies to become CBPR certified, they must develop and implement data privacy policies that align with the system requirements. These policies must then be verified by a third party, an “Accountability Agent.” TRUSTe is currently the only Accountability Agent recognized by APEC economies to perform CBPR certification.
With the rapid expansion in digital properties and heightened data privacy concerns, maintaining trust is more important than ever. It is no longer enough to say that an individual website or mobile app has good privacy practices. Companies need to be able to demonstrate to customers, employees, partners and regulators that they have strong data privacy management practices across the whole enterprise. To meet these evolving business requirements, TRUSTe is launching Enterprise Privacy Certification for general availability on April 1, 2015. This new offering consolidates five separate privacy services – TRUSTed Websites, TRUSTed Apps, TRUSTed Cloud, US-EU Safe Harbor Prep … Continue reading New TRUSTe Certification Available to Demonstrate Privacy Compliance Across the Enterprise