Getting Certified: Cisco Demonstrates Dedication to Customer Success through APEC Privacy Compliance

Aug 25, 2021 by Josh Harris, Director, Global Privacy Initiatives, BBB National Programs

No matter the size of a business, data privacy is a key component of maintaining customer trust. And in a global economy, where companies are required to process data from around the world, a cross-border solution that considers differing privacy laws is mandatory. Responsible businesses have an obligation to embrace global privacy best practices and to verify that they meet baseline standards through independent reviews.

Cisco is an example of how a global company must navigate a variety of legal privacy regimes, while also being dedicated to leading the way on data privacy to maintain and further enhance a trusted relationship with its customers. To thread this needle, Cisco has chosen to rely on a third-party privacy certification offered by our team at BBB National Programs. 

Establishing uniform privacy practices that go beyond mere compliance with data protection laws will ensure that all Cisco customers from Singapore to San Diego are provided with the same responsible stewardship of their personal information.

Cisco demonstrates this commitment by embracing the APEC Cross-Border Privacy Rules (CBPR) system, a robust accountability mechanism. Pursuing CBPR certification means subjecting its privacy policies and procedures to independent review through its Accountability Agent, BBB National Programs. 

This ongoing oversight also includes a dispute resolution mechanism. If Cisco is not able to resolve a customer’s privacy complaint, customers are empowered to submit it to BBB National Programs for review and resolution. 

The CBPR certification and seal demonstrate that Cisco embraces the rigorous privacy standards endorsed by the APEC economies, which track closely with best practices for privacy and security recognized around the globe. 

Recently, U.S. Secretary of Commerce Gina Raimondo expressed public support of the CBPR system for its ability to “establish a baseline of practices for responsible, voluntary, enforceable, and secure data sharing across borders.”

Similarly, Cisco relies on the coordinating APEC Privacy Recognition for Processors (PRP) certification and seal to ensure that its vendors meet the same high standards when processing data on behalf of other companies. 

“APEC CBPR and PRP are important certifications that enable businesses of all sizes to demonstrate their commitment to safe and accountable personal data handling no matter where in the world the processing is taking place,” said Harvey Jang, Vice President and Chief Privacy Officer for Cisco Systems, Inc.

Our role at BBB National Programs as an independent provider of privacy certifications, assessments, and dispute resolution is to help companies confidently demonstrate that their privacy practices are built upon the principles that form the building blocks for global privacy standards. Reach out to to learn more. 

Suggested Articles


Fifty Shades of Consumer Health Data: Unclear Expectations for Digital Privacy

While momentum continues to build around what a regulated consumer health privacy landscape looks like, the environment remains shrouded in shades of gray. To date, a risk-based approach to consumer health data does not exist, but we believe a sliding scale for the risks carried by consumer health data should.
Read more

Fifty Shades of Consumer Health Data: How a Risk-Based Approach Provides More Clarity

This piece includes a list of routine examples of consumer health information, that, at face value may have one level of risk. But, depending on the context and the risk associated with the use of that data, and whether it is combined with other data sources and data elements or made available in the public domain, it could lend itself to differing levels of regulation and enforcement activity.
Read more

California Privacy Enforcement: Whose Job Is It Anyway?

The California Privacy Rights Act of 2020 went into effect bringing new privacy rights to California consumers and created the California Privacy Protection Agency. CCPA will continue to be enforced by the California Office of the Attorney Genera. Which begs the question: Whose enforcement is it anyway?
Read more

Unsubstantiated Claims May Lead to Civil Penalties

The U.S. economy is built on a fair and transparent product marketplace. It is the responsibility of companies to have adequate substantiation for health and safety claims and to hold their competitors to the same standard.
Read more