Asian Experts Affirm Need To Converge Legal Frameworks To Facilitate Cross-Border Data Flows

07 Feb 2018 - Experts in Asia agreed that it is urgent for laws and legal frameworks of varying countries to converge when it comes to protecting data that is flowing across borders.

This is especially so as businesses expand their services and operations globally.

Concerns have increased about the protection of personal information moving across borders and into countries with varying data protection regimes.

Representatives from government, data protection regulators, industry and the legal community from 19 countries came together at a forum on Wednesday (Feb 7, 2018) to discuss how to achieve a common Asian framework to share and transfer information across international borders.

Entitled “A shared legal ecosystem for international data flows in Asia”, the forum,  held at the Singapore Supreme Court, is part of a two-year project by the Asian Business Law Institute (ABLI) to help bridge the gaps between the different rules and standards in Asian countries on cross-border transfers of personal information.

In his opening remarks at the forum, Chief Justice Sundaresh Menon said: “Data privacy has for the first time, come to the forefront of public consciousness and has even ascended to the top of the political agenda.”

He told the forum that 2017 has the “dubious distinction of being the year with the greatest number of incidents involving unauthorised or illegal access of confidential or protected data”.

CJ Menon cited examples of data breaches at Uber, Deloitte, Equifax and Verizon, which became highly publicised cases; adding that many countries, such as China, India and Singapore, are adopting  new data protection measures, more stringent cybersecurity laws and data breach notification requirements in their legal systems.

Information sharing and international data transfers are essential to innovation, cross-border trade and commerce, and data-driven projects such as smart nation. However, data localisation requirements and the fragmented environment in data privacy laws in Asia present the biggest stumbling blocks to the development of the digital economy and e-commerce, and for pushing up the costs of doing business in the region.

This forum sets the stage for the second phase ABLI’s two-pronged approach to these issues. Five key issues were selected for open discussions and the body will do a comparative analysis between the existing laws, highlighting their commonalities and differences, and propose policy options to governments and policy-makers and make suitable recommendations for the convergence of rules and standards on cross-border data transfers.

ABLI, under the leadership of its senior research fellow, Dr Clarisse Girot, has, over the last eight months, led a project team, comprising legal academics and practitioners from 14 countries, who surveyed all data transfer rules currently in force in Singapore, China, India, Australia, New Zealand, Korea, Japan, Vietnam, Philippines, Thailand, Hong Kong, Macau, Malaysia and Indonesia.

The reports will be published in a compendium, which will be available free to the public on the ABLI website in the first quarter of 2018.

Dr Girot said while common privacy principles have been developed at the global and regional levels, “Asia is still handicapped by extremely varied data protection laws and the absence of structured regulatory co-operation to ensure consistent implementation. This comes as a heavy cost for companies based in Asia”.

As a neutral, pan-Asian body, ABLI is able to come in, with “a unique opportunity to influence the shape of future development”,  CJ Menon said.

ABLI was set up in 2016 in recognition that differences in the legal regimes in Asia can be a serious roadblock to businesses. Its Board of Governors, chaired by CJ Menon, comprises 13 influential members drawn from the judiciary, academia and practitioners from different jurisdictions including Singapore, China, India and Australia.