[Federal Register Volume 77, Number 146 (Monday, July 30, 2012)]
[Notices]
[Page 44582]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2012-18515]



[[Page 44582]]

-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE


Applications To Serve as Accountability Agents in the Asia 
Pacific Economic Cooperation (APEC) Cross Border Privacy Rules (CBPR) 
System

AGENCY: International Trade Administration, Department of Commerce.

ACTION: Notice of Opportunity for Organizations to Submit Applications 
to Serve as Accountability Agents in the Asia Pacific Economic 
Cooperation (APEC) Cross Border Privacy Rules (CBPR) System.

-----------------------------------------------------------------------

SUMMARY: The International Trade Administration's Office of Technology 
and Electronic Commerce (OTEC) invites interested organizations to 
submit applications for recognition by APEC to act as an Accountability 
Agent for U.S.-based companies that are subject to Federal Trade 
Commission jurisdiction as part of APEC's Cross Border Privacy Rules 
system.

DATES: Applications may be submitted beginning in July 2012. There is 
no closing date for submitting applications.

ADDRESSES: All questions concerning this notice should be sent to the 
attention of Joshua Harris at one of the following addresses. See 
SUPPLEMENTARY INFORMATION for additional instructions on submitting 
applications.Joshua Harris: 1401 Constitution Ave. NW., Room 4324, 
Washington, DC 20230.[email protected].

FOR FURTHER INFORMATION CONTACT: Joshua Harris, Office of Technology 
and Electronic Commerce, International Trade Administration, U.S. 
Department of Commerce, by telephone at (202) 482-0142 (this is not a 
toll-free number) or by email at [email protected].

SUPPLEMENTARY INFORMATION: In 2004, Leaders of the 21 APEC economies 
endorsed the ``APEC Privacy Framework'' (Framework). The goal of the 
Framework is to facilitate the flow of information between the 21 
economies in APEC by promoting a common set of privacy principles that 
will enhance electronic commerce, facilitate trade and economic growth, 
and strengthen consumer privacy protections. In order to implement this 
Framework, member economies developed a voluntary system of Cross 
Border Privacy Rules (CBPR), which was completed in September 2011 and 
endorsed by APEC Leaders in November 2011 (the Leaders' Declaration is 
available at http://www.apec.org/Meeting-Papers/Leaders-Declarations/2011/2011_aelm.aspx). The Leaders' Declaration instructs APEC member 
economies to implement the APEC Cross Border Privacy Rules System to 
reduce barriers to information flows, enhance consumer privacy, and 
promote interoperability across regional data privacy regimes. In July 
2012, the United States formally commenced participation in the CBPR 
system.
    The 21 APEC economies include Australia, Brunei Darussalam, Canada, 
Chile, the People's Republic of China, Hong Kong, Indonesia, Japan, the 
Republic of Korea, Malaysia, Mexico, New Zealand, Papua New Guinea, 
Peru, Philippines, Russia, Singapore, Chinese Taipei, Thailand, the 
United States, and Vietnam.
    The CBPR system requires organizations to develop their own 
internal business rules on cross-border privacy procedures, which must 
be assessed as compliant with the minimum requirements of the APEC 
system by an independent public or private sector body, called an 
Accountability Agent. Under the CBPR system, an ``Accountability 
Agent'' is a third-party organization that provides verification 
services related to the data privacy policies and practices for those 
businesses seeking CBPR certification. Only APEC-recognized 
Accountability Agents may perform CBPR certifications. A recognized 
Accountability Agent would only be able to certify as CBPR compliant 
those organizations that are subject to the enforcement authority of 
the Cross-border Privacy Enforcement Arrangement (CPEA)--participating 
privacy enforcement authorities within the economies in which it has 
been approved to operate. The CPEA creates a framework for regional 
cooperation in the enforcement of privacy laws. In the case of the 
United States, organizations interested in serving as an Accountability 
Agent for U.S.-based companies must be subject to the enforcement 
authority of the Federal Trade Commission, the U.S. privacy enforcement 
authority for the CBPR system. APEC recognition is granted by a 
consensus determination by APEC member economies that an applicant 
Accountability Agent meets the established recognition criteria.
    APEC's ``Accountability Agent APEC Recognition Application'', a 61 
page document which details the application process as well as the 
recognition criteria, is available at: www.export.gov/infotech.
    Interested organizations must notify the Department of Commerce of 
their intent to seek APEC recognition and submit a completed 
application for initial review to the Office of Technology and 
Electronic Commerce by email at [email protected]. Only complete 
application packages will be forwarded on to APEC for consideration of 
recognition.

    Dated: July 25, 2012.
Robin Layton,
Director, Office of Technology and Electronic Commerce, U.S. Department 
of Commerce.
[FR Doc. 2012-18515 Filed 7-27-12; 8:45 am]
BILLING CODE 3510-DR-P