Skip to main content

APEC Data Privacy Pathfinder

Last page update:

Economies are working together to achieve accountable cross-border flow of personal information within the APEC region.

The flow of information is fundamental to business in the global economy. The ability to network, exchange ideas, and share knowledge can determine a company's likelihood of success. Conversely, the inability to carry out private interactions can seriously impede business.

This rationale is at the heart of a collective endeavor within the Asia-Pacific Economic Cooperation region to protect privacy while ensuring no unnecessary barriers to the flow of information in the process.

In September 2007 in Sydney, Australia, ministers from APEC member-economies endorsed the APEC Data Privacy Pathfinder—a commitment to work together to develop a system that provides for accountable cross-border data flows, consistent with the APEC Privacy Framework.

Economies agreed to consider international implementation mechanisms by looking at how the use of cross-border privacy rules (CBPRs) can facilitate flexible cross-border information flows, if done within a system that provides credible oversight and ensures enforcement of these privacy rules. 

The Pathfinder sets out a series of objectives to be achieved in this process: It implements the member-economies’ unified commitment to developing a system that provides for the use of CBPRs by business.

Moreover, the Pathfinder projects build a system that allows businesses to create their own CBPRs, while safeguarding consumers with “accountability agents” and regulators, in the APEC region—a system that makes sure businesses are held accountable to their privacy promises.

Subsequently, the Framework was updated in 2015—by drawing upon concepts introduced into the Organisation for Economic Co-operation and Development (OECD) Guidelines in 2013—with due consideration for the different legal features and context of the APEC region.

Essentially, the framework improves information sharing among government agencies and regulators; facilitates the safe transfer of information between economies; establishes a common set of privacy principles; encourages the use of electronic data to enhance and expand business; and provides technical assistance to those economies that have yet to address privacy from a regulatory or policy perspective.