At a March 25 hearing at the U.S. Federal Trade Commission, global regulators looked for ways to more seamlessly integrate enforcement cooperation. The hearing was the 11th in the FTC's ongoing series on competition and consumer protection in the 21st century.
Regulators largely agreed there is room for increased global cooperation on consumer protection and data privacy, while citing the success of several trans-border frameworks that seem to be bearing fruit, including the EU's "Consumer Protection Cooperation Network," a network of authorities within the European Union and the European Economic Area responsible for enforcing EU consumer protection laws, as well as the memorandum of understanding the FTC has with the Canadian Radio-television and Telecommunications Commission to help combat do not call and spam that flows across borders.
Globally, of course, it could be difficult to come up with a single way to regulate or an agreement that could house it, given the various cultural norms and regulatory frameworks within each country. But that doesn't mean there isn't room for improvement and to centralize resources.
On hand was the EU's acting director for consumer affairs, Marie-Paule Benassi, who also serves as the directorate-general for justice and consumers at the European Commission. Benassi indicated it's important for any future framework that there's a differentiation between "privacy" and "confidentiality" within investigations.
She said often a jurisdiction will refuse cooperation because of issues of privacy, but the EU General Data Protection Regulation has streamlined sharing in a way that eliminates confusion on the legal parameters there.
"In the EU I think we have solved this, and the GDPR helps a lot to clarify that authorities can exchange information, including information which contains personal data. So this enables, in principle, a very seamless type of cooperation within the EU, because for law enforcement purposes we can exchange this information between authorities in member states or in other member states, and in this way the GDPR is an enabler," Benassi said. "When we look into the implementation of the GDPR in international cooperation, we should look at it in the same way, as an enabler."
She cited the EU's ability to sign international agreements with third countries and said the EU "would like to start talking with the FTC about this agreement," but added it's important the agreement be formal.
"It's important the formal part is there; the formal part is an enabler for an efficient cooperation," she said.
Jeffrey Thomson is a senior intelligence analyst at the Canadian Anti-Fraud Centre under the Royal Canadian Mounted Police and spoke optimistically about future cooperation.
"As long as there's a willingness to share, there's a way to share. And a way to do it legally."
Thomson cited the Toronto Strategic Partnership, founded in 2000 and including the FTC and the U.S. Postal Inspection Service, as well as law enforcement agencies in Canada and the U.K., as an indicator of cross-border cooperation working well. The partnership aims to combat fraud emanating from the province of Ontario.
He said enforcement isn't the only way to protect consumers.
"One area for more global enforcement cooperation is disruption, and by disruption I'm not talking about enforcement action cooperation with private-sector actors," he said. Rather, he cited the use of data captured in central fraud databases that's used to block and shut down foreign actors in things like counterfeit schemes, for example.
James Sullivan, deputy assistant secretary for services at the Department of Commerce, said cross-border data flows are important and beneficial to consumers and economies both, but the problem to be addressed is regulatory disparity.
So the Department of Commerce is asking, in conjunction with the FTC: "How do you continue to facilitate these cross-border data flows when you're dealing with countries that have all adopted varying approaches?
"This is my personal opinion," Sullivan said. "I think we're probably quite a long ways off from any global standard." He said while countries like India and Brazil have been looking at the GDPR as an example, "No one is replicating the GDPR exactly; there are still these differences, and these are going to continue because different countries have different cultural norms and legal traditions and histories." He said the challenge is to figure out how these different regimes can work together and pointed to the APEC Cross-Border Privacy Rules as a strong example of a framework that embraces interoperability.
Marie-Paule and Thomson agreed, and said the challenge ahead for governments will be in determining priorities.
"There is an increasing abundance of information out in the world, and we need to be able to prioritize our enforcement efforts," he said. He said government needs to work smarter.
Benassi said internet fraud is becoming "a very big problem in terms of the harm caused to consumers, and collectively in the world. If we don't prioritize and don't find efficient ways ... I think it is going to become more and more difficult to prevent fraud." She added regulators need to build links between competition, data protection and consumer protection.
To read more on the FTC's efforts, find the questions the agency is aiming to solve for and future hearing dates here.
If you want to comment on this post, you need to login.