The FTC Joins the Global CBPR Party

Jan 29, 2024 by BBB National Programs' Global Privacy Division

This month, the Federal Trade Commission (FTC) announced participation in the Global Cooperation Arrangement for Privacy Enforcement (Global CAPE), which supplements the global Cross Border Privacy Rules (CBPR) program, which itself will be expanding globally to become the CBPR Global Forum

In the statement the FTC clarified that their position is nonbinding and supports the necessary alignment between the agency and the work being completed on aligning privacy and data security issues focused on law enforcement, “without having to negotiate a separate memorandum of understanding with each participant.”

The FTC’s announcement signals the agency’s interest in keeping pace with the increasingly global nature of commerce and marks an important step forward for the global expansion of CBPRs. 

During workshops on the evolving CBPR system that took place last fall, it was clear that the CBPR system, which was once focused on only the Asian Pacific and Eastern economies, is indeed moving to a more global posture, adding countries with shared privacy values and regulatory frameworks from beyond the Eastern hemisphere. 

This movement reflects the need for more uniform global cooperation, sustainability, longevity, and interoperability in global data privacy. 

As it stands currently, more than 125 countries have their own unique data privacy laws, creating a fragmented ecosystem of data privacy laws and regulations worldwide. The CBPR framework offers a uniform solution to the existing patchwork, by bringing together the common requirements that are also most vital to safe and secure data processing and sharing across economies.

 

What do companies need to know? 

Companies proactively demonstrating compliance to the current CBPR framework will be seamlessly grandfathered in to the Global CBPR framework. 

Of note, the CBPR framework is very closely aligned (78%, to be exact) to other interoperable privacy programs like the EU-U.S. Data Privacy Framework (formerly Privacy Shield), which means that companies can feel a renewed confidence that they are not duplicating the work, but instead able to work toward uniform compliance across a series of data privacy regimes in the East and West. 

 

Which economies will participate? 

At this point it is not clear which countries will be added to the list of nine existing economies (United States, Mexico, Japan, Canada, Korea, Singapore, Australia, Philippines, and Chinese Taipei, with the UK as an associate).

However, we do know that some of the most interested countries may include: Sri Lanka, Nepal, Maldives, Peru, Colombia, Brazil, South Africa, Qatar, Ghana, and Saudi Arabia.

 

What new requirements could be added when CBPR goes global? 

It is yet to be determined whether new requirements will be added that go beyond the current CBPR framework. Topics such as risk assessments to appropriately assess harm, data breach requirements to signal robust data security safeguards, and data mapping and governance will remain as important additional, business compliance considerations when leveraging the CBPR framework. 

Learn more about BBB National Programs’ CBPR Program and Data Privacy Framework Services.

Suggested Articles

Blog

5 Missteps to Avoid When Applying or Recertifying to the DPF Program

Each year, participants in the DPF Program need to recertify with the Department of Commerce. To help companies navigate it, our Global Privacy Division has outlined five key recommendations to keep in mind to avoid common missteps with the process.
Read more
Blog

Sharing Holiday Cheer (but Not a Child’s Personal Information)

Not surprisingly, cell phones, connected toys, and toys advertised on social media top wish lists of kids everywhere. To help ensure your holiday shopping experiences are as safe as possible, the team at CARU put together some holiday tips.
Read more
Blog

Rev Up for the Holidays: BBB AUTO LINE Has You Covered

If you encounter any issues with your new vehicle, the BBB AUTO LINE program is here to help you resolve disputes quickly and fairly—without the need for costly legal battles. While most vehicles perform as promised, it’s crucial to be prepared if you find yourself with a potential “lemon” on your hands.
Read more
Blog

Getting Political and Going Digital: Analyzing Political Digital Advertising Compliance

When it comes to political advertising, are consumers getting an appropriate level of disclosure and meaningful notice? Are consumers aware of their choices for opting out of viewing the ads? Are stakeholders in the political advertising space compliant? The Digital Advertising Accountability Program is analyzing this year's political advertising trends.
Read more