Regulators from Europe and Asia Pacific were among those to adopt a new resolution on enforcement cooperation (3-page / 115KB PDF) at the International Conference of Data Protection and Privacy Commissioners (ICDPPC). The resolution sets out the backing of the watchdogs for an underlying agreement that includes the processes for enforcement cooperation.
A spokesperson for the UK Information Commissioner's Office (ICO) told Out-Law.com that the agreement itself has yet to be formally signed by the DPAs but that this is expected to happen at next year's ICDPPC.
However, the spokesperson said that that fact would not preclude DPAs from taking coordinated enforcement action in line with the terms of the agreement within the next year should they decide to do so. In any event, signing up to the agreement will not bind DPAs into using it for every transnational enforcement case they are involved with, the spokesperson said.
"The new co-operation framework will help regulators to offer a credible global response to global threats," UK Information Commissioner Christopher Graham, who spearheaded the new initiative along with Canada's Privacy Commissioner Daniel Therrien, said.
Therrien said: "In a global world, a single issue can negatively impact the privacy rights of huge numbers of people in many countries. The Arrangement addresses an urgent need for data protection authorities to work together to address cross-border privacy violations."
The ICO has promised to make more information about how the new agreement would work in practice public available next week.
Data protection law expert Marc Dautlich of Pinsent Masons, the law firm behind Out-Law.com, said: "As regulators across all industries and including within the sphere of data protection grapple with growing demands and stretched resources, there has been a push towards greater cooperation by agencies that deal with the same issues."
"A more efficient regulation of data protection within the EU is envisaged under the proposed 'one stop shop' mechanism contained in the draft General Data Protection Regulation. However, agreement has yet to be reached on how this mechanism will work in practice amidst concern about the varying approaches to tackling non-compliance that have been adopted by DPAs. It is to be hoped that this transnational agreement on enforcement cooperation does not falter in future as a result of similar concerns," he said.
According to the new resolution, a new information-sharing platform could also be developed to help DPAs communication on transnational enforcement matters.
"The 36th International Conference of Data Protection and Privacy Commissioners … resolves to … support the development of a secure international information platform which offers a ‘safe space’ for members of the International Conference and their partners to share confidential information and, to facilitate the initiation of coordinated enforcement action and, complement other international enforcement coordination mechanisms, adding value to the international enforcement operational framework," the resolution said.