Support Centre

Asia-Pacific Bodies

Summary

Law: There is no general personal data protection law applicable across the Asia-Pacific.

Regulator: There is no general personal data protection regulator applicable across the Asia-Pacific.

Summary: There are multiple groups of jurisdictions that are formally established within the Asia-Pacific region. Of these, the two most influential in relation to personal data protection are the Asia-Pacific Economic Cooperation (APEC) and the Association of Southeast Asian Nations (ASEAN). Both of these groups have issued several frameworks and pieces of guidance to instruct governments and guide uniform approaches to personal data protection. While most of these are non-binding, some have more significant effects.

The APEC Cross-Border Privacy Rules (CBPR) system, for instance, is a data transfer mechanism that enables the free flow of personal data among participating economies where certain requirements are met; whereas the ASEAN published Model Contractual Clauses for Cross Border Data Flows can be included in the binding legal agreements between parties transferring personal data to each other across borders.

In addition, bespoke agreements are regularly made between jurisdictions to enable data sharing or align data protection practices. Although there is notable disparity among approaches to data protection within the Asia-Pacific region, these groups and agreements are seeking to establish essential standards and promote harmonization.

News

Insights

August 2023

APAC: Navigating the AI advancement

In this Insight article, Huzaifah Sehgal, from Walker Martineau Saleem LLP, explores the rapid rise of artificial intelligence (AI) in the Asia-Pacific region, its impact on various industries, the challenges related to AI regulation, and the need for an accountable and ethical approach to foster trust and further integration of AI technologies in the APAC region.

May 2021

International: Diversity and inclusion surveys in APAC

Diversity and inclusion programmes are becoming increasingly popular across the globe due to a growth in awareness and a demand for organisations to support values, such as equity and inclusion. While actively engaging in diversity and inclusion initiatives may help organisations to better understand, manage, and develop the business, it is not always clear what data can, and cannot, be included in diversity monitoring surveys or what the rules are for such data collection.

The legal requirements surrounding information relating to an individual's race, gender, ethnicity, sexuality, and health differ from country to country, with some classifying such data as 'sensitive data', while others view it under the umbrella of 'personal information'.

OneTrust DataGuidance Research has consulted with a number of legal experts operating within the Asia Pacific region in order to uncover the requirements for the collection and use of employee data for diversity and inclusion surveys. The countries covered in this Insight article include Australia, China, Singapore, Japan, Hong Kong, and India.

Company

Our Policies

Your Rights

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
© OneTrust, LLC. All Rights Reserved.
The materials herein are for informational purposes only and do not constitute legal advice.