PH extends ‘extraterritorial reach’ with APEC pact on privacy enforcement

The Philippines, through the National Privacy Commission (NPC), has joined the APEC Cross Border Privacy Enforcement Arrangement (CPEA), an enforcement network developed for the Cross-Border Privacy Rules (CBPR).

National Privacy Commission chair Raymund Liboro (left) holding press briefing with US Federal Trade Commission legal counsel Melinda Claybaugh during the APEC Cross-Border Privacy Rules confab at Sofitel Hotel

National Privacy Commission chair Raymund Liboro (left) holding press briefing with US Federal Trade Commission legal counsel Melinda Claybaugh during the APEC Cross-Border Privacy Rules confab at Sofitel Hotel

The CPEA is an initiative that facilitates information-sharing among privacy enforcement authorities inside and outside of APEC economies.

Administrators of the CPEA have confirmed NPC’s status as a Privacy Enforcement Authority (PEA) for the Philippines, becoming the 11th PEA along with those from eight other APEC economies namely, Australia, Canada, Hong Kong, Japan, South Korea, New Zealand, US, and Mexico.

NPC chair Raymund Enriquez Liboro on Tuesday, Nov. 5, said that as a next step, the NPC is convening local stakeholders to build consensus around formally joining the APEC CBPR.

Dubbed the APEC CBPR Manila Workshop, the two-day workshop was conducted at the Sofitel Philippine Plaza Manila with the theme “Making the APEC Cross-Border Privacy Rules Scalable.”

It was jointly organized by the NPC and the US Department of Commerce, with participation by the Federal Trade Commission.

“The CBPR System, enables Philippine-based companies to get their data-privacy and protection systems certified with a local Accountability Agent. This would allow them to freely transfer data to all CBPR-participating countries. For businesses, this would mean less hassle as certification would amount to meeting the privacy requirements of each member-country in the system,” Liboro said.

To date five APEC economies are already part of the CBPRs, namely, South Korea, Canada, Japan, Mexico and the United States.

The APEC CBPR system is a regional, multilateral cross-border data transfer mechanism and enforceable privacy code of conduct developed for businesses by the 21 APEC member-economies. The CBPRs implement the nine high-level APEC Privacy Framework principles.

Although all APEC economies have endorsed the system, participation requires individual APEC economies to officially express their intent to join, adhere to a set of common principles, and show that an effective enforcement mechanism is in place.

Comment on this post