Cross-border data flows are a vital part of our vibrant and growing digital economy in the Asia-Pacific region.

Through the APEC Cross-Border Privacy Rules (CBPR) System, participating businesses and governments across the region are working together to ensure that when your personal information moves across borders, it is protected to the standards prescribed by the APEC Privacy Framework.

How does the APEC CBPR System help protect your information?

Participating companies are required to adhere to the standards established by the APEC CBPR system and to domestic laws in the economies in which they operate. All APEC CBPR System certified companies have their privacy policies and practices evaluated by an approved independent third party verifier (known as an “Accountability Agent”). Accountability Agents monitor and enforce companies’ compliance with the APEC CBPR program requirements. In appropriate cases, they are also required to report non-compliance to Privacy Enforcement Authorities.

How to report a complaint
Only organizations currently certified by an APEC-recognized Accountability Agent may display a seal, trustmark, or otherwise claim to participate in the CBPR System.

To verify that an organization is a participant in the CBPR System, visit the compliance directory, which lists the Accountability Agent and relevant privacy enforcement authority for every CBPR-certified organization. You can first seek to resolve your complaint directly with the CBPR-certified organization.  If the resolution is not satisfactory, you can report a complaint about a CBPR-certified organization to:

  • the Accountability Agent that certified the organization;
  • the relevant privacy enforcement authority listed in the compliance directory; or
  • the email address
  • You can report an organization that claims to participate in the CBPR system but is not listed in the compliance directory to

More Information

Find out which organisations are Accountability Agents here.