The Emerging Model for Harmonizing Cross-Border Data Transfer Laws: From the APEC’s to the Global CBPR Framework

Cross-border data transfer is a controversial topic in modern digital trade law due to the different positions of major economies. While several efforts to harmonize cross-border data transfer laws have been made in the multilateral or regional forum, real progress remains limited. In this chapter, I focus on an emerging model for promoting cross-border data transfer, the Global Cross-Border Privacy Rules (“CBPR”) Framework. I review and discuss CBPR’s design and features, including the soft-law nature, the public-private gatekeeper model, and the bottom-up approach. I argue that CBPR introduces a novel approach for harmonizing cross-border data transfer with good rationales and deserves more scholarly attention.

Keywords: cross-border data transfer; GDPR; DEPA; APEC; CBPR; accountable agent