U.S. Department of Commerce

Commerce and International Privacy Activities: The US-EU Safe Harbor Agreement

With the adoption of the European Union’s Data Protection Directive [21] in 1995 and its implementation in 1998, much of the concern about transborder data flows of personal information centered on the export restriction policies of the Directive. Article 25 generally provides that exports of personal data from EU Member States to third countries are only allowed if the third country ensures an adequate level of protection. While some countries have been found to provide an adequate level of protection according to EU standards, the United States has never been evaluated for adequacy or determined to be adequate.

Commerce and International Privacy Activities: Safe Harbor Studies

 Report home | Read the report (PDF) | Previous section | Next section   Three studies of the Safe Harbor Framework were conducted since the start of Safe Harbor. The first study was conducted in 2001 at the request of the European Commission Internal Market DG [2001 Study]. [29] The second study, completed in 2004,

Commerce and International Privacy Activities: Recent Safe Harbor Developments

The shortcomings of the Safe Harbor Framework have come to the attention of some data protection authorities in Europe. In April 2010, the Düsseldorfer Kreis, a working group comprised of the 16 German federal state data protection authorities with authority over the private sector, adopted a resolution applicable to those who export data from Germany to US organizations that self-certified compliance with the Safe Harbor Framework. The resolution tells German data exporters that they must verify whether a self-certified data importer in the US complies with the Safe Harbor requirements.

Commerce and International Privacy Activities: APEC

The Asia Pacific Economic Cooperation (APEC) is a grouping of 21 member economies in the Asia Pacific Region, including Russia, China, and the United States. APEC was established in 1989 to facilitate economic growth, cooperation, trade, and investment in the region.

The Asia-Pacific Economic Cooperation (APEC) is a forum for 21 member economies in the Asia Pacific region. APEC includes Russia, China, and the United States as members. APEC adopted a Privacy Framework in 2004. The APEC Privacy Framework is largely viewed as an attempt to create a different international privacy regime as an alternative to the European Union’s Data Protection Directive. Whether APEC will succeed in influencing international privacy developments in a meaningful way remains to be seen.

Commerce and International Privacy Activities: Conclusion

The World Privacy Forum prepared this report in part because the role of the Department of Commerce in privacy may change in the near future. The Department of Commerce is co-chair with the Department of Justice on the Subcommittee on Privacy and Internet Policy established by the Obama Administration toward the end of 2010. It is not comforting to consumer privacy advocates that Department of Justice is a law enforcement agency that is often antagonistic to consumer privacy interests, that the Commerce Department has mostly represented business interests in international privacy matters, and that the Commerce Department does not have an admirable record in the areas of privacy that it currently oversees. This leaves the leadership of the Subcommittee on Privacy and Internet Policy without a strong voice for consumer privacy interests.