The EU and APEC: A Roadmap for Global Interoperability?
The steady stream of media reports on the privacy differences between the EU and the U.S. would have you believe that cross-border data sharing is nothing but storm clouds over the Atlantic. However, the forecast for the Pacific appears to be fair weather and blue skies, and the data protection authorities (DPAs) in Brussels are taking note. As global data flows are accelerating, data privacy laws around the world are proliferating. For example, of the 21 economies that comprise the Asia-Pacific Economic Cooperation forum (APEC), nearly a dozen have introduced or updated laws that protect personal information privacy since 2010. APEC represents 40% of the world 's population, 54% of the world 's GDP and 40% of world trade�and growing fast. In the last 10 years, APEC has established a regional privacy framework that maximizes privacy protection while facilitating cross-border information flows. APEC uses the Cross-Border Privacy Rules (CBPR) system, a set of enforceable rules developed by an organization based on APEC Privacy Principles. While APEC has the CBPR system, the EU has been experiencing an increase in the use of Binding Corporate Rules (BCRs). The synergies of the CBPR-BCR systems have the potential to become the brightest spot on the horizon for finding interoperability among two enormous economic regions. From a business standpoint, compatibility between CBPR and BCR could offer an effective approach to developing a solution to sharing cross-border data sharing globally.