The United States is pairing up with six other countries to develop privacy and cybersecurity standards for the data that cross over into each other’s borders.
The Department of Commerce announced Thursday that it will be partnering with representatives from the governments of Canada, Japan, South Korea, Singapore, the Philippines and Taiwan to establish a Global Cross Border Privacy Rules forum. The group would be primarily responsible for creating a new international certification system for private businesses and other organizations based on two sets of data privacy protection standards developed by the Asia-Pacific Economic Cooperation (APEC).
In a statement, Secretary of Commerce Gina Raimondo said the effort marks “the beginning of a new era of multilateral cooperation” for protecting the flow of data “that are critically important to our modern economy.”
“The Global CBPR Forum intends to establish the Global Cross Border Privacy Rules and Privacy Recognition for Processors Systems, first-of-their-kind data privacy certifications that help companies demonstrate compliance with internationally recognized data privacy standards,” said Raimondo. “At the same time, the new forum will facilitate trade and international data flows and promote global cooperation, building on our shared data privacy values while recognizing the differences in our domestic approaches to protecting data privacy.”
Apart from developing the new certification system, the partnership would also focus on a range of issues related to privacy and security, including supporting the “free flow” of secure data across borders, periodically review domestic laws to ensure they align with APEC standards, and promote and pursue interoperability with other data protection frameworks.
According to a press release by Commerce, participation will be open “in principle” to other countries “which accept the objectives and principles of the Global CBPR Forum,” though only the U.S. and other six original countries will be full members with voting power and must agree on including new participants.
The group will meet at least twice a year in-person or virtually to implement projects and determine the direction of future projects. While the standards and certification system will exist independent from APEC, companies who have certified prior to the forum’s creation will continue to have their credentials honored “until further notice.”