ARTICLE
12 January 2018

As GDPR Looms, Australia To Participate In APEC's CBPR Program

SM
Sheppard Mullin Richter & Hampton

Contributor

Sheppard Mullin is a full service Global 100 firm with over 1,000 attorneys in 16 offices located in the United States, Europe and Asia. Since 1927, companies have turned to Sheppard Mullin to handle corporate and technology matters, high stakes litigation and complex financial transactions. In the US, the firm’s clients include more than half of the Fortune 100.
Late last year, Australia's Attorney General confirmed that Australia planned to participate in APEC's Cross Border Privacy Rules (CBPR) system.
Australia Privacy

Late last year, Australia's Attorney General confirmed that Australia planned to participate in APEC's Cross Border Privacy Rules (CBPR) system. The CBPR system was intended to help companies that want to transfer personal data across the borders of participating countries. Currently there are five participating countries: Canada, Japan, South Korea, Mexico, and the US. This scheme has been viewed by some as a hopeful complement to the Binding Corporate Rules concept under the EU Data Privacy Directive. In recognition of the overlap between the two, the Article 29 Working Party and the APEC Electronic Steering Group put together a checklist of the commonalities between Binding Corporate Rules and CBPR certification.

As next steps, Australia needs to finalize its participation in the program. It has indicated that it will be working with the Office of the Australian Information Commission (OAIC) and businesses to implement the CBPR system. Then, Accountability Agents will conduct certifications on Australian companies who are interested in participating. It remains to be seen how the CBPR system, which has been expanding, will be impacted after the May 2018 implementation of GDPR.

Putting it Into Practice: This approval shows that governments are continuing to think about how they can help companies address the need to transfer data across borders while addressing varying privacy requirements.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More