Data is the new oil. But unlike the yellowish-black liquid mixture, discrete units of information cannot be found in deep-sea wells. Data is more like air. And its movement across borders has been made easy by the Internet and international trade. Governments have been looking to keep their flow going while trying to protect individuals’ privacy.
In 1998, Asia-Pacific Economic Cooperation (APEC) members, recognising the importance of Internet-based commerce, developed a framework to facilitate participation of small businesses in global commerce. The member countries envisaged a future in which e-commerce would expand business opportunities, reduce costs, enhance efficiency, and improve quality of life.
While the framework aimed to promote electronic commerce in the Asia Pacific region, it also held on to the core values of the 1980’s OECD Guidelines on the Protection of Privacy and Trans-Border Flows of Personal Data. It reaffirmed the value of privacy to individuals and to the information society.
Since drafting that blueprint, technology has transformed almost all industries. Global trade flows have increased as digitisation has changed how information flows between two countries.
This shift in global trade made APEC members to update their 1998 blueprint. They made two changes, one in 2005, and another in 2015, to include topics on protecting privacy while maintaining data flow.
Now, the 24-year-old framework is once again tweaked as governments explore new rules to govern data flow across borders.
Current participating countries in the APEC, U.S., Japan, Canada, South Korea, the Philippines, Singapore, and Chinese Taipei, have established a global Cross-Border Privacy Rules (CBPR) forum. They plan to set up an international certification system based for businesses in the region.
The certification system seeks to find a balance between holding companies accountable for their data use, and protecting individuals from harm and misuse, while being globally scalable. And it is further aimed at enabling participation from beyond the APEC member countries.
The system is seen as the beginning of a new era of multilateral cooperation in promoting trusted global data flows.
“The Global CBPR system is an important step toward enabling continued, trusted data flows between participating jurisdictions” Google’s Chief Privacy Officer Keith Enright said in a blog post.