GDPR – The European Union’s data protection regulation which was introduced in May 2018 to regulate the usage of data of its citizens by companies within its member states has not only had a major effect in its own region in terms of data, privacy, security, transparency and how we communicate to mention a few, but it’s had a major knock-on effect here in South East Asia.
GDPR does not just apply to member states in EU, any organisation worldwide which processes or holds data of EU residents must comply. The European Union’s GDPR Data Protection laws have made countries across the globe look at their own data protection regulations and for many regions, it has presented challenges – for example, here in South-east Asia, many countries have many different regulatory frameworks and even some countries without a regulatory framework at all.
South-East Asia trades heavily with Europe, hence it is necessary to adapt and comply. For Singapore, many businesses have had to adapt to GDPR as Singapore is the EU’s largest commercial partner in ASEAN, accounting for slightly under one-third of EU-ASEAN trade in goods and services.
Other governments in South-East Asia are moving to adapt. GDPR has helped countries throughout the region develop a similar regulatory platform to ensure that their citizens and their national and local businesses can operate globally.
GDPR Encouraging ASEAN interoperability
GDPR has indirectly meant many of the ASEAN countries have revisited and adapted their own data protection regulations and many have chosen to follow a similar framework.
The Singapore Data Protection Act (PDPA) shares many of the same principles with Europe’s GDPR in that they both require all communications regarding data collection, data processing or disclosure of data to obtain customer consent.
Malaysia has a similar PDPA which they are reviewing. Communications and Multimedia Minister Gobind Singh Deo said that companies need to act now, particularly because legislation such as the new EU GDPR can impose considerable penalties for non-compliance of regulations. He also said that Malaysia needs to be on par with global legislation on data protection because Malaysians are not just exposed to local retailers and other parties looking to use their data for a variety of purposes. Indonesia is also reviewing their policy with the other ASEAN countries following suit.
The digital landscape has encouraged ASEAN interoperability and it recently saw the signing of a regional E-commerce agreement. Singaporean Trade and Industry Minister Chan Chun Sing said that his agreement will help bolster trust and confidence among ASEAN consumers in e-commerce. It will enable ASEAN businesses to grow domestically, regionally and globally.
New Industry Growth – ‘RegTech’
With Southeast Asia becoming the hub for hi-tech solutions to privacy challenges, government and businesses need to collaborate to develop a regulatory landscape for this new industry sector to flourish. This new sector, regulatory technology, dedicated to help tackle privacy issues, compliance and cybersecurity has led to a surge of interest in AI innovation and development from companies and governments wanting to solve and manage these regulatory compliance issues. Providing a new economic opportunity for ASEAN.
I recently had the honour of presenting at DigiTec in Brussels in November at the European Commission. I spoke to many peers there, and they spoke of the success of their framework and toolkit: the European Interoperability Framework and of their eagerness to bring this knowledge and experience to Asia. And it seems that ASEAN could benefit from this toolkit, to help assist interoperability between the nations on GDPR.
Technology is the only way forward
It must be acknowledged that not all businesses in ASEAN have adapted easily to the new regulations, but looking at the bigger picture GDPR is presenting itself as a real opportunity:
- New industry sector growth – regulatory technology (data, privacy, security services and solutions)
- Bringing not just the region together, but the world together under a similar regulatory framework.
- Kickstarting a new era for technological innovation in AI. Helping governments tackle regulatory requirements, tackling privacy issues but also being used as a tool to reach out and boost engagement by respecting and better communicating with all citizens.
- The necessity to comply with these regulations it means that technology is the only way forward.
GDPR does represent a challenge and at the same time an opportunity. Now it is up to our governments and businesses to each find a regulatory balance which protects the privacy of its citizens but promotes the opportunities this new regulatory technological sector brings.