Office of Technology and Electronic Commerce

OFFICE OF TECHNOLOGY AND ELECTRONIC COMMERCE

Market Research

U.S. Industry

Trade Events

Export Assistance

Trade Policy

Industry Specialists

Quick Reference

Country/Regional Research

Industry/Sector Research

ExportIT Reports & Market Briefs

Customized Market Research

Publications & Newsletters

Research by Country/Region

May 23, 2013

Trilateral Committee on Transborder Data Flows

Printer-Friendly Version

Trilateral Committee on Transborder Data Flows

The Trilateral Committee on Transborder Data Flows was established in 2008 to further the goals of the Security and Prosperity Partnership (SPP). In April 2008, the Statement on the Free Flow of Information (Statement) was signed by representatives from Canada, Mexico and the United States. The Statement affirms that sustained economic growth is dependent on a “transparent legal, policy and regulatory environment that permits the free flow of information across borders and facilitates its use for the conduct of trade and commerce.”

In furtherance of these goals, the signatory countries established the Trilateral Committee on Transborder Data Flows (Committee). The Committee is composed of government representatives from Canada, Mexico and the United States and has been working in consultation with the business communities, civil and law societies, and academia in each country to identify and address impediments to electronic information flows across borders that affect economic growth. The work of the Committee is led by Industry Canada, the Ministry of Economy in Mexico, and the Department of Commerce in the United States.

Information regarding the Committee’s consultation sessions with stakeholders, regulations governing transborder data flows (TBDF), and other related issues is provided below. To submit questions regarding TBDF issues or to contact a representative of the Committee at the U.S. Department of Commerce, click here.

Disclaimer: The external links on this site are provided for your convenience and information. External links to other Internet sites should not be construed as an endorsement of the views, laws, or policies contained therein. The information on these sites may not be comprehensive or reflect recent changes and legislative updates.

Stakeholder Consultations
3rd Stakeholders Forum
June 15, 2009
Ottawa, Ontario, Canada

2nd Stakeholders Forum
February 4, 2009
Mexico City, Mexico

Inaugural Meeting Outcomes Report
September 25, 2008
Washington, DC, USA

Report of the Trilateral Committee on Transborder Data Flows
Press Release on Report
Full Report

Reports on Transborder Data Flows Submitted by Stakeholders
Provincial Canadian Geographic Restrictions on Personal Data in the Public Sector – by Fred Cate
Applying Canadian Privacy Law to Transborder Flows of Personal Information from Canada to the United States: A Clarification – by Kris Klein

Guidance for Businesses
Protecting Personal Information: A Guide for Business – Federal Trade Commission
How to ensure your business complies with PIPEDA – Office of the Privacy Commissioner, Canada

Events of Interests
Department of Commerce Privacy and Innovation Symposium - May 7, 2010
The 2009 Conference on Cross Border Data Flows, Data Protection & Privacy
OECD Conference on Empowering E-Consumers
Federal Trade Commission Privacy Roundtables

Relevant Laws and Regulations

Canada
Federal Personal Information Protection and Electronic Documents Act (PIPEDA)
Alberta’s Personal Information Protection Act
British Columbia’s Personal Information Protection Act and Freedom of Information and Protection of Privacy Act
Nova Scotia’s Personal Information International Disclosure Protection Act
Ontario’s Personal Health Information Protection Act, 2004, with respect to health information custodians
Quebec’s Act Respecting the Protection of Personal Information in the Private Sector

Mexico
Federal Law on Protection of Personal Data held by Private Parties
Reform to Article 16 of Constitution
Reform to Article 73 of Constitution
Mexico City’s Data Protection Bill
Colima’s Data Protection Bill
Guanajuato’s Data Protection Bill
Oaxaca’s Data Protection Bill
Tlaxcala’s Access to Public Information and Personal Data Protection Law

United States
The United States privacy framework is composed of sectoral laws combined with constitutional, statutory, regulatory, and common law protections, in addition to self-regulatory initiatives. The United States Congress has enacted legislation to protect certain highly sensitive personal information, including children’s information, medical records, and financial data. The United States has numerous federal and state laws that include privacy provisions. Select laws and regulations (with links where available) are provided below.
The Children's Online Privacy Protection Act
The Fair Credit Reporting Act
The Gramm-Leach Bliley Act
The Health Insurance Portability and Accountability Act
State Laws on Internet Privacy
State Data Breach Notification Laws

Legislative Proposals Related to Privacy and Data Protection*

Canada
Bill C-28 (Fighting Internet and Wireless Spam Act) (Royal Assent December 15, 2010)
Bill C-29 (Safeguarding Canadian's Personal Information Act)
See: The Library of Parliament’s Online Research Tool LEGISINFO

Mexico
Federal Law on Personal Data Protection (passed House April 13, passed Senate April 27)
See: The Chamber of Deputies and Senate Websites

United States
Bill S.1490 (Personal Data Privacy and Security Act)
Bill S.139 (Data Breach Notification Act)
Bill H.R.2221 (Data Accountability Bill)
Bill H.R.5108 (Cyber Privacy Act)
See: The Library of Congress’s Legislative Research Tool THOMAS

*This is not a comprehensive list of data protection legislation and may not be updated to reflect newly introduced legislation.

Trilateral Committee Member Websites
Canada
Mexico

This page was last updated on 12/05/2011. This site is operated by the Office of Technology and Electronic Commerce (OTEC) division of the International Trade Administration, U.S. Department of Commerce.