Getting Certified: Cisco Demonstrates Dedication to Customer Success through APEC Privacy Compliance

Aug 25, 2021 by Josh Harris, Director, Global Privacy Initiatives, BBB National Programs

No matter the size of a business, data privacy is a key component of maintaining customer trust. And in a global economy, where companies are required to process data from around the world, a cross-border solution that considers differing privacy laws is mandatory. Responsible businesses have an obligation to embrace global privacy best practices and to verify that they meet baseline standards through independent reviews.

Cisco is an example of how a global company must navigate a variety of legal privacy regimes, while also being dedicated to leading the way on data privacy to maintain and further enhance a trusted relationship with its customers. To thread this needle, Cisco has chosen to rely on a third-party privacy certification offered by our team at BBB National Programs. 

Establishing uniform privacy practices that go beyond mere compliance with data protection laws will ensure that all Cisco customers from Singapore to San Diego are provided with the same responsible stewardship of their personal information.

Cisco demonstrates this commitment by embracing the APEC Cross-Border Privacy Rules (CBPR) system, a robust accountability mechanism. Pursuing CBPR certification means subjecting its privacy policies and procedures to independent review through its Accountability Agent, BBB National Programs. 

This ongoing oversight also includes a dispute resolution mechanism. If Cisco is not able to resolve a customer’s privacy complaint, customers are empowered to submit it to BBB National Programs for review and resolution. 

The CBPR certification and seal demonstrate that Cisco embraces the rigorous privacy standards endorsed by the APEC economies, which track closely with best practices for privacy and security recognized around the globe. 

Recently, U.S. Secretary of Commerce Gina Raimondo expressed public support of the CBPR system for its ability to “establish a baseline of practices for responsible, voluntary, enforceable, and secure data sharing across borders.”

Similarly, Cisco relies on the coordinating APEC Privacy Recognition for Processors (PRP) certification and seal to ensure that its vendors meet the same high standards when processing data on behalf of other companies. 

“APEC CBPR and PRP are important certifications that enable businesses of all sizes to demonstrate their commitment to safe and accountable personal data handling no matter where in the world the processing is taking place,” said Harvey Jang, Vice President and Chief Privacy Officer for Cisco Systems, Inc.

Our role at BBB National Programs as an independent provider of privacy certifications, assessments, and dispute resolution is to help companies confidently demonstrate that their privacy practices are built upon the principles that form the building blocks for global privacy standards. Reach out to GlobalPrivacy@bbbnp.org to learn more. 

Suggested Articles

Blog

Old MacDonald Had an Engagement Farm: Lessons Learned from FTC v. NGL

Capturing user engagement is the foundation of internet commerce. And while the incentives to prompt greater engagement are certainly understandable, the recent NGL Labs case from the FTC raises important questions about the ethical and legal ramifications when companies try to artificially generate engagement among their userbase.
Read more
Blog

Independence Day Edition: CBPR Framework Offers “Checks & Balances”

Going, Going, Gone Global, a webinar on the CBPR Global Forum, delved into how privacy impacts businesses’ brand reputation and builds trust with key stakeholders, discussed the purpose of the Global CBPR, and its value to Global Forum members.
Read more
Blog

Industry Self-Regulation: Part of the Solution for Governing Generative AI

The spotlight on generative AI remains bright. The benefits and risks continue to be ever-present in the minds of business and political leaders. No matter the timing or the setting, the creation of transparency, accountability, and collaboration among stakeholders is key to successful industry self-regulation as is the importance of setting standards and best practices.
Read more
Blog

The Demise of “Chevron Deference”: Who Will Fill the Regulatory Gaps?

The Supreme Court's 1984 ruling in Chevron v. NRDC held that courts should defer to federal agencies’ interpretations of ambiguous federal laws so long as those interpretations are reasonable. So given the court’s decision to overturn it, where does that leave companies that want a level playing field and perhaps even to raise the bar, instead of racing to the bottom?
Read more