Date: 16 Oct 2019
Data Privacy in ASEAN and Europe
On 15 Oct, we partnered with French Tech Cyber to bring both our communities a panel discussion around the topic, “Data Privacy in ASEAN and Europe”, with guest panellists Clarisse Girot, Data Privacy Project Lead at Asian Business Law Institute (ABLI), and Wendy Lim, Director, Cyber Security Consulting at KPMG. Geraldine Pelissier from French Tech Cyber moderated the event.
We were also very honoured to have the French Ambassador, His Excellency Marc Abensour giving an opening address at the event.
Key takeaways from the panel include:
Privacy is not limited to the EU
The GDPR came into force in May 2018, two years after it was published in the EU Official Journal in May 2016. While not offering the same level of protection as the EU yet, data privacy protection in ASEAN countries are moving towards this.
In November 2016, the ASEAN Framework on Personal Data
Protection established a set of principles to guide the implementation of measures at both national and regional levels to promote and strengthen personal data protection in the region.
The following year, ASEAN released a statement of cybersecurity cooperation in addition to ongoing efforts to foster regional cybersecurity cooperation.
Singapore’s Personal Data Protection Act 2012 (PDPA), which has been in force since 2014, is the closest regulation to GDPR in the region.
Lengthy privacy notices are ineffective
So it’s better for organisations to consider other options for privacy notices. For example, according to Florian Schaub in this article, an organisation could break up documents into smaller chunks and deliver them at times that are appropriate for users.
Privacy laws are not hindrance, they are enablers for businesses
Compliance with the GDPR will do all businesses good. It helps companies transfer data between countries outside of the EU with the EU, and helps to promote and grow regional and global trade.
Earlier this year, the European Commission (EC) issued its adequacy decision on Japan — this means Japan’s privacy regulations “mirror” the GDPR, easing data transfer between the two markets, making it easier to do business.
Singapore’s Infocomm and Media Development Authority (IMDA) has launched the Data Protection Trustmark (DPTM) certification to help organisations demonstrate accountability for data protection practices. Businesses should consider getting DPTM certification to increase their competitive edge and build customer trust.
For more updates like this, follow ICE71 on our web and social channels!