Privacy Groups Win Changes to APEC CBPR System
(2015) 133 Privacy Laws & Business International Report, 32-33
4 Pages Posted: 8 May 2015 Last revised: 30 May 2015
Date Written: February 15, 2015
Abstract
Privacy advocates and civil society representatives have been campaigning for two years for reform of the APEC Cross Border Privacy Rules system (APEC CBPRs). On 27 January 2015, APEC announced significant changes, meeting around 90% of the demands from that campaign. Advocates had argued that the first implementation of the APEC CBPRs (using TRUSTe as the Accountability Agent (AA) in the United States) had failed to meet basic APEC Privacy Framework requirements, both in relation to TRUSTe’s original AA application in 2013 and in its 2014 application for renewal of its AA status.
Although APEC chose to ultimately approve TRUSTe’s continued role as an Accountability Agent (at least for a further 12 months), the decision was accompanied by massive changes and improvements in the APEC CBPRs, including a completely new set of TRUSTe APEC Program Requirements. This article gives details of those improvements, and the criticisms on which they are based, and notes continuing deficiencies and what is needed to remedy them.
The criticisms of the renewal of TRUSTe's AA status are in Connolly, C, Greenleaf, G and Waters N 'Privacy self-regulation in crisis?: TRUSTe's 'deceptive' practices' (2014) 132 Privacy Laws & Business International Report, 19-21, available at: http://ssrn.com/abstract=2567090.
Keywords: privacy, data protection, cross border rules, APEC, Asia-Pacific
Suggested Citation: Suggested Citation