The Cross Border Privacy Rules (CBPR) voluntary system is an initiative to facilitate transnational mutual recognition from the Asia-Pacific Economic Cooperation (APEC). The CBPR is based on the APEC Privacy Framework and includes privacy principles that APEC member economies have agreed to recognize. The goals of the Rules are to reduce barriers to information flows, enhance consumer privacy and promote interoperability across regional data privacy regimes.
Upon implementation, the CBPR system will require interested applicants to demonstrate that they comply with a set of CBPR program requirements based on the APEC Privacy Framework. Moreover, the commitments an applicant makes during this process, while voluntary, must be enforceable under laws in member economies. Successful CBPR certification will entitle participating companies to represent to consumers that they are accountable and meet stringent and globally recognized standards, thereby facilitating the transfer of personal data throughout the APEC region.
On July 25, 2011, the United States was approved as the first formal participant in the system and the FTC as the system's first privacy enforcement authority. Currently, the U.S., Mexico, Canada and Japan are participants in the APEC CBPR framework.