Chapter 14: The GDPR and International Privacy Issues
Recent Developments in Global Data Flows
Beyond the GDPR's influence, the Global CBPR Forum builds on APEC's Cross-Border Privacy Rules to allow trade with privacy assurances, and the OECD adopted common principles for government access to private-sector data.
Acknowledging that most countries will not qualify for EU adequacy, APEC pursued an approach allowing trade with privacy protections. In 2022, Canada, Japan, South Korea, the Philippines, Singapore, Chinese Taipei, and the United States announced the Global CBPR Forum - a certification system based on the APEC Cross-Border Privacy Rules and PRP Systems, independent of APEC so non-members can participate.
In 2022 the OECD adopted a declaration on common principles for government access - for law enforcement and national security - to personal data held by private companies. The principles cover legal basis, legitimate aims and rule of law, approval requirements, appropriate handling, transparency, oversight, and remedies.
Key terms - quick answers
What is “Global CBPR Forum”?
A 2022 international certification system based on the APEC Cross-Border Privacy Rules, independent of APEC so non-members can join.
What is “APEC Cross-Border Privacy Rules”?
The Asia-Pacific framework allowing trade among participating economies while providing privacy assurances.
What is “OECD”?
The Organisation for Economic Co-operation and Development, which adopted common principles for government access to private-sector personal data.