The flow of information is fundamental to doing business in the global economy.  APEC members recognize the importance of protecting information privacy and maintaining information flows between economies in the Asia-Pacific region and between APEC economies and their international trading partners.

 The APEC Cross-border Privacy Enforcement Arrangement (CPEA) creates a framework for regional cooperation in the enforcement of Privacy Laws.  Any Privacy Enforcement Authority (PE Authority) in an APEC economy may participate.

The CPEA aims to:

  • facilitate information sharing among PE Authorities in APEC economies;
  • provide mechanisms to promote effective cross-border cooperation between authorities in the enforcement of Privacy Law; and
  • encourage information sharing and cooperation on privacy investigation and enforcement with PE Authorities outside APEC.

The CPEA is a significant step to assist in cross-border enforcement where there is a Privacy Law and Privacy Enforcement Authority in more than one of the economies involved.  The CPEA will assist participating PE Authorities in the APEC region to address these challenges, through cross-border cooperation on consumer privacy investigations and enforcement matters.

Background

APEC's 1998 Blueprint for Action on Electronic Commerce emphasizes that the potential of electronic commerce cannot be realised without government and business cooperation.

In 2004, the APEC Privacy Framework was endorsed by APEC Ministers recognizing that cooperation to balance and promote effective information privacy protection and the free flow of information in the Asia-Pacific region is key to improving consumer confidence and ensuring the growth of electronic commerce.

In 2007, a Data Privacy Pathfinder initiative was established to progress the implementation of the APEC Privacy Framework. The Pathfinder involves multiple projects aimed at promoting consumer trust and business confidence in cross-border data flows. It also includes general commitments regarding the development of a Cross-Border Privacy Rules system.

The CPEA is an outcome of the Pathfinder initiative. It focuses on one of the four key goals of the APEC Privacy Framework, namely to facilitate both domestic and international efforts to promote and enforce information privacy protections.

The CPEA aims to contribute to consumer confidence in electronic commerce involving cross-border data flows by establishing a framework for regional cooperation in the enforcement of Privacy Laws. The CPEA was endorsed by APEC Ministers in November 2009 and commenced on 16 July 2010.

CPEA Administrators:

The U.S. Federal Trade Commission

CPEA participants (to-date):

  1. The Office of the Australian Information Commissioner (OAIC)
  2. The New Zealand Office of the Privacy Commissioner (NZOPC)
  3. The United States Federal Trade Commission (US FTC)
  4. The Office of the Privacy Commissioner for Personal Data, Hong Kong, China (PCPD)
  5. The Office of the Privacy Commissioner of Canada (OPCC)
  6. Ministry of Interior – Korea (MOI)
  7. Korea Communications Commission (KCC)
  8. Federal Institute for Access to Information and Data Protection of Mexico
  9. Personal Data Protection Commission, Singapore (PDPC)
  10. Personal Information Protection Commission of Japan (https://www.ppc.go.jp/en/)