On April 3, 2014, Markus Heyder published an opinion piece on global privacy interoperability in the International Association of Privacy Professionals’ Privacy Perspectives blog, entitled Getting Practical and Thinking Ahead: ‘Interoperability’ is Gaining Momentum. Heyder recently left the Federal Trade Commission to join the Centre for Information Policy Leadership at Hunton & Williams as Vice President and Senior Policy Counselor. During his tenure at the FTC, Heyder spent a significant amount of time working on EU-U.S. Safe Harbor and APEC Cross-Border Privacy Rules (“CBPRs”) issues.
In the opinion piece, Heyder argues that schemes that create “interoperability” between different privacy and legal regimes may be the most practical way forward in terms of delivering consistent privacy protections globally. Such schemes include codes of conduct, privacy seals and marks and similar accountability systems that are negotiated based on shared principles and values among the relevant stakeholders and participants. Existing examples of such interoperability models are the EU-U.S. Safe Harbor Framework, the APEC CBPRs and Binding Corporate Rules.
The recent collaboration by the Article 29 Working Party and the APEC Data Privacy Sub-Group on a document comparing the CBPRs to BCRs (to be used by companies that want to certify under both systems) is evidence of the keen interest in these mechanisms among privacy regulators. At the very least, this collaboration has opened the door to further work toward interoperability between APEC and the EU, and it also may have set an example for similar potential initiatives elsewhere. Given the realities of the global data economy and the associated privacy risks, the pressure to find practical solutions is on the rise. Privacy professionals, regulators and other relevant stakeholders would be well-advised to keep up the current momentum toward creating global interoperability.