Rumours of the demise of the Trans-Pacific Partnership (TPP) have proved premature. It has been given new life - with some important changes – as the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP). What has happened and does this mean anything for privacy?

By way of background, when the United States pulled out of the TPP, this meant that the trade treaty could not proceed. This was due to an unusual formula for commencement based upon the size of the economies signing up, not merely the number. Effectively, the big economies, the US and Japan, each had a veto over the agreement even if all other TPP partners had signed on.

However, with the departure of the US, the remaining 11 TPP partner economies decided to forge ahead anyway with TPP Mark II or, more correctly, the retitled Comprehensive and Progressive Agreement for Trans-Pacific Partnership.

Important differences

The CPTPP is based on the exact text of the TPP. However, there are some important differences.

Perhaps most significantly, some 20 provisions from TPP have been ‘suspended’ meaning that, in effect, they’re not part of what is now to be adopted and that agreement of all CPTPP members would be needed for these provisions to apply in the future.

It would appear that those suspended provisions were included in the TPP at the behest of the US and, one presumes, only reluctantly by the other 11 partners. This helpful fact sheet - TPP and CPTPP: The differences explained - from the Ministry of Foreign Affairs and Trade (MFAT) notes that the suspensions will remove some provisions that caused anxiety in sections of the New Zealand public (e.g. concerns that TPP might put Pharmac’s purchasing model at risk or unduly favour copyright owners at the expense of the public).

MFAT has published a lot of information on CPTPP on its website. It has highlighted the importance of the agreement including, for instance, the fact that it includes four countries with which New Zealand has never had a free trade agreement (Japan, Canada, Mexico and Peru). As an aside, each of those four countries has a privacy authority that is a member of the Asia Pacific Privacy Authorities Forum, the main network in our region for cooperation amongst privacy regulators.

Privacy regulation

So has anything changed between TPP and CPTPP in relation to privacy regulation? In relation to the principal provisions found in the Electronic Commerce chapter, it appears that the position remains the same as described in earlier blog posts in October and November 2015. 

The key provision is Article 14.8 which is entitled “Personal information protection”.

The article commences with a high level statement recording that the parties “recognise the economic and social benefits of protecting the personal information of users of electronic commerce and the contribution that this makes to enhancing consumer confidence in electronic commerce.”

To give effect to that high level aspiration, the article imposes a positive obligation on each party. It provides that they “shall” adopt or maintain a legal framework that provides for the protection of the personal information of the users of electronic commerce.

The article adds that “in the development of its legal framework for the protection of personal information, each party should take into account principles and guidelines of relevant international bodies”.

The article goes onto provide that “each party shall endeavour to adopt non-discriminatory practices in protecting users of electronic commerce from personal information protection violations occurring within its jurisdiction”.

The article further provides that each party should publish information on the personal information protections it provides to users of electronic commerce, including how individuals can pursue remedies and business can comply.

Flexible implementation

The article concludes with a fairly lengthy statement:

“Recognising that the parties may take different legal approaches to protecting personal information, each party should encourage the development of mechanisms to promote compatibility between these different regimes. These mechanisms may include the recognition of regulatory outcomes, whether accorded autonomously or by mutual arrangement, or broader international frameworks. To this end, the parties shall endeavour to exchange information on any such mechanisms applied in their jurisdictions and explore ways to extend these or other suitable arrangements to promote compatibility between them.”

Although not stated expressly, it might be expected that one such mechanism could be the APEC Cross Border Privacy Rules system (CBPRs).

In closing, it might be said that for a short while TPP appeared to be destined for a dead end but there has been an impressive turnaround and son-of-TPP may have a reasonable chance of adoption. Although in this age it seems unlikely that any trade agreement will achieve wide popularity, it appears that the 11 partners – with the benefit of not having the US in the negotiations - have managed to remove some of the aspects that had attracted particular controversy to TPP.

On the privacy front, the agreement carries clear obligations on the parties to adopt or maintain a legal framework that provides for the protection of the personal information, at least in the context of the users of electronic commerce, which is a new obligation for this region.

Image credit: Wave via Pixabay - Creative Commons licence 

International, Asia Pacific