Data Privacy Subgroup (DPS)
APEC Cross-Border Privacy Rules (CBPR) System
In November 2011, the APEC Leaders issued a directive to implement the APEC Cross Border Privacy Rules System (CBPR)
. The CBPR system balances the flow of information and data across borders while at the same time providing effective protection for personal information, essential to trust and confidence in the online marketplace.
The system is one by which the privacy policies and practices of companies operating in the APEC region are assessed and certified by a Third party verifier (known as an “Accountability Agent”) and follows a set of commonly-agreed upon rules, based on the APEC Privacy Framework. By applying this commonly agreed-upon baseline set of rules, the CBPR system bridges across domestic differences that may exist amongst domestic privacy approaches. Currently, three APEC economies have aligned their privacy laws with the APEC Privacy Framework.
The Privacy Recognition for Processors (PRP) was recently endorsed by APEC in January 2015 and will be operationalized in the coming months. The PRP is designed to help personal information processors assist controllers in complying with relevant privacy obligations, and helps controllers identify qualified and accountable processors. This is done through an intake questionnaire which sets forth the baseline requirements of the PRP. The APEC-recognized Accountability Agent will then assess a processor seeking recognition based on a set of requirements.
DPS is currently engaged in a stocktake of the APEC Privacy Framework. A working group was created to determine the elements and scope of the stocktake that will focus on the domestic and international implementation of the framework while taking into account developments in technology and business environment.
Promoting Interoperability between APEC-EU Privacy Rules Systems
In September 2012, a joint APEC-EU Working Committee was created with Senior Official Meeting’s (SOM) approval. The Committee consists of interested APEC Economies and representatives from data protection authorities in the European Union Article 29 Working Party and from the European Commission. Since its inception, the Working Committee has been engaged in the discussions regarding similarities and differences between the APEC Cross Border Privacy Rules System (CBPR) and the EU system of Binding Corporate Rules System (BCR). EU Binding Corporate Rules (BCR) are one of selected mechanisms established by the EU to permit data about individuals to be transferred outside EU Member States. The CBPR System is a mechanism that confirms a baseline level of privacy protections across the APEC region and that facilitates transfers of personal information across the region.
In January 2014, the joint APEC-EU Working Committee led to the development and completion of a Common Referential for the Structure of the EU System of Binding Corporate Rules and APEC Cross Border Privacy Rules System. The goal of this referential is to serve as an informal pragmatic checklist for companies applying for authorization of the EU system of Binding Corporate Rules System (BCR) and certification under APEC’s Cross Border Privacy Rules system (CBPR). In addition to outlining compliance and certification requirements of both APEC CBPR and EU BCR systems, the referential also identifies common elements and additional requirements for each. This will be useful for companies applying for certification under both systems. This initiative is just the first step of the work on APEC CBPR and the EU BCR. The long term goal is to work on the interoperability of these systems.
Paperless Trading Subgroup (PTS)
ECSG has been working to implement the Supply-Chain Connectivity Framework and Action Plan to address current bottlenecks, specifically those that involve customs and other cross border trade procedures.
Through the Paperless Trading Subgroup (PTS), ECSG has been developing projects that integrate paperless trading in commercial processes, particularly projects that use e-solutions or electronic procedures and processes in cross-border trade, in order to save time and cut costs and uncertainties for firms and government agencies. These e-solutions include the following: Electronic Certificate of Origin (ECO), e-negotiation, e-invoicing, Electronic Sanitary and Phyto-Sanitary Certiciate (e-SPS), archiving of e-documents and e-trade financing. The goal is to build up e-commerce as a main driver and integration tool that will enhance the efficiency of supply-chains.
The ECO Project
The ECO pathfinder project which started operation in May 2010 continues to be implemented between Chinese Taipei and Korea. The success of the project has been documented by the APEC Policy Support Unit (PSU) in 2011. Discussions and systems testing with other member economies are ongoing to expand the scope of the project within APEC. Noting the rather slow implementation of the project, the APEC-funded Study on the Readiness of ECO Implementation in Cross-border Trade in APEC Region was organized by China in Beijing in July 2012 to determine the obstacles to the project. The study highlighted the need for economies to:
- enhance legal environment to implement ECO;
- intensify inter-agency collaboration within the border;
- promote cross-border cooperation and exchanges among member economies; and
- enhance cross-fora relationship within APEC.
Enhancing Reliable Supply Chains by e-B/L Exchange in APEC Region
To complement the work of PTS on ECO and to implement part of the roadmap for trade facilitation, this project was implemented by Korea together with China and Russia. Due to slow paper handling by parties involved in international trade, importers often wait for a bill of lading (B/L) (a document used to acknowledge the receipt of shipment of goods) as banks circulate trade-related documents that contain property rights, while the goods have already arrived at the destination port. In these situations, the importer and exporter would lose the opportunity to take advantage of improvements in sea transport for international trade, and to receive their goods and payment, respectively, at an appropriate time. If the involved parties had used e-B/L, it is likely that they could have reduced storage costs for cargos that arrived prior to acquisition, and also obtain the goods without delay.
This project addressed necessary steps for the practical use of e-B/L among traders, carriers, forwarders, banks and other parties in international trade. This project also identified the viability of the e-B/L international exchange model in Korea, China, Russia, Vietnam, Malaysia and the Philippines, as well as other APEC member economies. The projects deliverables included:
- Research on the legal, technical and commercial environments of e-B/L exchange in Korea, China, Russia (and Viet Nam, Malaysia, and the Philippines, in possible scope) (Dec 2012 - May 2013).
- Investigate on the needs and demands of traders, carriers, forwarders, banks and other related parties for e-B/L (Dec 2012 - May 2013).
- Examine the effects of exchanging e-B/L in APEC member economies (May 2013 - Jul 2013).
- Suggest strategies for APEC economies to boost e-B/L exchange.
Enhancing Global Supply Chain Efficiency by E-Manifest in the APEC Region (China)
Manifests, a description of goods on a carrier, are an important part of the supply chain. Apart from the commercial aspect, manifests are also key documents for customs control purpose and effectively acts as the notification of import and export cargos.
Electronic Manifest Systems have been established in some APEC economies such as the United States, Canada, Korea, and China in recent years for trade facilitation and risk control purposes. It requires specified trade parties (e.g. carrier) to electronically submit a list of customs-defined cargo information for border entry or exit before the actual arrival of the cargo.
It has exercised a strong influence on the global supply chain, and brings useful benefits both for the traders and Customs. The electronic manifest has eliminated many issues that exist in traditional manual (paper) approach, however, exporters and importers still need to create the same (or similar) set of manifest data separately and submit to the corresponding Customs.
This APEC-funded project analyzed the efficiency of current manifest submission procedures, and identified guidelines for the effective implementation of e-manifest declaration.
The ECSG has guided numerous capacity building projects that promote the development and use of electronic commerce and ICTs within the APEC region including:
APEC Data Privacy Pathfinder
The APEC Data Privacy Pathfinder was established by Ministers in 2007 to achieve accountable cross-border flow of personal information within the APEC region. This goal is to be achieved by developing and implementing a Cross-Border Privacy Rules (CBPR) system, consistent with the APEC Privacy Framework which was endorsed by APEC Ministers in 2004.
The CBPR system requires organizations to develop their own internal business rules on cross-border privacy procedures, which must be assessed as compliant with the minimum requirements of the APEC system by an independent public or private sector body, called an Accountability Agent. The ECSG has been working toward the development of the APEC CBPR system, which will help build consumer, business and regulator trust in the electronic cross-border flow of personal information.
On 26 July 2012 the United States was confirmed as having met the conditions for member economy participation in the CBPR System. This followed the Joint Oversight Panel (JOP) releasing a findings report that unanimously determined that the United States had met the conditions set out in the APEC CBPR Charter. The United States had provided a Notice of Intent to participate in the CBPR System, which included annexes outlining relevant domestic laws and regulations and an APEC CBPR System Program Requirements Enforcement Map.
Progress on the implementation of the APEC Privacy Framework includes the application of Information Privacy Individual Action Plans by 14 economies, and the creation of a study group within the Data Privacy Sub-Group (DPS) to analyze and identify best practices and the role of trust-marks in promoting the cross-border flow of information.
A notable progress in this area is the establishment of an APEC Cross-Border Privacy Enforcement Arrangement (CPEA) in July 2010. This multilateral arrangement provides the first mechanism in the APEC region for Privacy Enforcement Authorities to share information and provide assistance for cross-border data privacy enforcement. The CPEA signifies the ongoing commitment within APEC to increase the protection of cross-border flows of personal information and is a significant step in the effective implementation of the APEC Privacy Framework.
A series of seminars have been held to provide technical assistance to developing economies and to address issues related to the development of CBPR system such as trust marks, regulatory models, accountability, privacy, governance and operational issues, and how the system benefits different stakeholders.
APEC Ministers endorsed the principal documents of the APEC Privacy Pathfinder in November 2011 in Honolulu, Hawaii. APEC Leaders also committed to implement the CBPR System “to reduce barriers to information flows, enhance consumer privacy, and promote interoperability across regional data privacy regimes.”
The ECSG's Paperless Trading Subgroup develops projects on the use of paperless trading in commercial processes involving business-to-business (B2B) and business-to-government (B2G) transactions and promotes the use of electronic documents and internet technologies in international trade.
These projects aim to use "e-solutions" or electronic procedures and processes in cross-border trade to save time and costs for firms and government agencies seeking regulatory compliance information from traders. Areas covered by these projects include: electronic certificates of origin (ECO), electronic invoicing, business requirements for data harmonisation and single window, best practices in paperless trading, archiving of e-documents and e-trade financing. Among those projects, the ECO project has been implemented in live transactions between member economies beyond its pilot stage, saving substantial cost and time and thus realizing the benefits of trade facilitation.
Work is underway to implement APEC's Strategies and Actions Toward a Cross-Border Paperless Trading Environment to enable the electronic transmission of trade-related information across the region by 2020.
17 economies have submitted Individual Action Plans on Paperless Trading outlining progress made "to reduce or eliminate the requirement for paper documents needed for customs and other cross-border trade administration and other documents and messages relevant to international sea, air and land transport" as set out in the APEC Blueprint for Action on E-Commerce.
Christopher HOFF (Mr)
Data Flows and Privacy Team Department
International Trade Administration, US Department of Commerce
1401 Constitution Ave., NW
Washington, D.C. 20230
Tel: +1 202 482-3120
Mitsuo MATSUMOTO (Mr)
ECSG Vice Chair
International Affairs Office
Commerce and Information Policy Bureau
Ministry of Economy, Trade and Industry
1-3-1 Kasumigaseki, Chiyoda-ku, Tokyo, Japan
Tel: +81 3 3501 1843
Fax: +81 3 3501 6639
Daniele CHATELOIS (Ms)
Data Privacy Sub-group (DPS) Chair
Electronic Commerce Branch
300 Slater Street, Room 1889-D
Ottawa, Ontario, K1A 0C8
Tel: +1613 990-4255
Fax: +1613 941-1164
Xiaoqi SHENTU (Ms)
Paperless Trading Sub-group (PTS) Chair
Department of Electronic Commerce and Infomatization
Ministry of Commerce
No. 2 Dong Chang An Street, Beijing, China 100731
Tel: +8610 6519 7442
Fax: +8610 6519 7450
Karen YEO (Ms)