APEC is a 21-member organization operating under nonbinding agreement. Its 2004 Privacy Framework (updated 2015) sets nine principles that mirror the OECD but are more explicit on exceptions, and led to Cross-Border Privacy Rules and the Global CBPR Forum.
APEC has 21 Pacific Coast members and, unlike the EU, operates under nonbinding agreement. The APEC Privacy Framework was approved in 2004 and updated in 2015, containing nine principles that generally mirror the OECD Guidelines but are more explicit about exceptions. The first principle is Preventing Harm.
In 2022, several economies including the United States announced the Global Cross-Border Privacy Rules (CBPR) Forum, technically independent of APEC, allowing non-APEC members to participate.
⚠️ Binding vs. nonbinding
APEC operates under nonbinding agreement; the European Union does not. Do not confuse APEC's framework with a binding treaty like Convention 108.
Key terms - quick answers
What is “APEC”?
Asia-Pacific Economic Cooperation, a multinational organization of 21 Pacific Coast members that operates under nonbinding agreement, unlike the EU.
What is “APEC Privacy Framework”?
A 2004 (updated 2015) framework of nine information privacy principles that generally mirror the OECD Guidelines but are more explicit about exceptions.
What is “Cross-Border Privacy Rules (CBPR)”?
APEC system for cross-border data protection, extended in 2022 into the Global CBPR Forum allowing non-APEC members to participate.
What is “Preventing Harm”?
The first APEC privacy principle, requiring protection designed to prevent misuse of personal information with remedies proportionate to the harm.