The Global CBPR Forum held its fall workshop at the Crimson Resort and Spa, Boracay Island, Philippines from October 22 to 24, 2025.
The three-day event, organized by the National Privacy Commission (NPC) of the Philippines, gathered approximately 200 participants representing government agencies, data protection authorities, industry leaders, and privacy professionals from Canada, Chile, Chinese Taipei, India, Japan, the Republic of Korea, Lao PDR, Morocco, Qatar, the Philippines, Singapore, South Africa, Thailand, the United Kingdom, and the United States of America. The workshop aimed to advance dialogue on cross-border data flows and promote global interoperability in privacy regulation.
The workshop focused on enhancing the implementation of the Global Cross-Border Privacy Rules (CBPR) and Global Privacy Recognition for Processors (PRP) systems. These certification-based frameworks enable organizations to demonstrate accountability in managing personal data responsibly and securely, ensuring that information remains protected even as it moves across national borders.
Discussions centered on how jurisdictions can work together to make cross-border data flows safer and more transparent. Sessions also tackled how regional and global standards such as the EU’s General Data Protection Regulation (GDPR) and ISO frameworks can align with the Global CBPR System, making it easier for consumers and businesses to trust digital exchanges across regions.
Participants worked together to identify best practices and practical solutions for strengthening data protection, particularly for small and medium-sized enterprises (SMEs) that seek to join global markets. Their recommendations aim to make digital trade more inclusive, ensuring that privacy protection benefits not only large organizations but also local innovators and consumers who depend on trusted digital systems every day.
Finally, Global Forum Assembly (GFA) continues its momentum towards growth, with new membership application and associate status currently under review. This expansion reflects the increasing interest in and active engagement of the GFA. The GFA welcomes the Dubai International Financial Centre (DIFC) as a full Member of the Global CBPR. This brings the number of participants to 10 Member and four Associates.
GFA Deputy Chair, Evelyn Goh said:
“The Global CBPR Forum continues to ‘make waves’ as a vital platform for strengthening trust in the digital economy. This workshop reaffirmed our shared commitment to advancing trusted privacy frameworks that are interoperable, inclusive, and responsive to the evolving needs of businesses and individuals worldwide. We are encouraged by the growing collaboration among jurisdictions, with the Dubai International Financial Centre becoming a full Member and Nigeria recently coming on board as an Associate. We look forward to welcoming more new members who share our vision for responsible and trusted cross-border data flows.”
The Global CBPR Forum, established in 2022 by Australia, Canada, Japan, the Republic of Korea, Mexico, the Philippines, Singapore, Chinese Taipei, and the United States of America, serves as a multilateral mechanism to support the free flow of data and effective data protection and privacy globally.
***
