Privacy Compliance under Cross Border Privacy Rules of APEC

CBPR (Cross Border Privacy Rules of APEC)

The APEC Cross Border Privacy Rules (CBPR) system helps bridge the differences in privacy rules between different countries by providing a single framework for the exchange of personal information among participating economies in the APEC region.There are currently three participating APEC CBPR system economies: USA, Mexico and Japan, with more expected to join soon.

The APEC Electronic Commerce Steering Group (ECSG) and the EU Article 29 Working Party have produced a common referential for the requirements of the APEC CBPR system and the EU Binding Corporate Rules.

Participating companies are required to adhere to the standards established by the APEC CBPR system. All APEC CBPR system certified companies have their privacy policies and practices evaluated by an approved independent third party verifier (known as an “Accountability Agent”). Accountability Agents monitor and enforce companies’ compliance with the APEC CBPR program requirements. In appropriate cases, they are also required to report non-compliance to Privacy Enforcement Authorities.

P.S: This page may be updated from time to time with additional information. Discussions on this may also be covered in the articles on the site.