Skip to content
Welcome / Blog Archive / English / 2018-06-doc4 Privacy protection in Asia and the EU

2018-06-doc4 Privacy protection in Asia and the EU


The Asian Business Law Institute (ABLI), which started in 2016, is an institute based in Singapore. It initiates, conducts and facilitates research and produces authoritative texts with a view to providing practical guidance in the field of Asian legal development and promoting the convergence of Asian business laws. Since last year I am involved in their work related to restructuring and insolvency, in which a close cooperation with the International Insolvency Institute (III, see is sought. See blog/2017-09-doc10-launch-of-asian-principles-of-restructuring-project.

In May 2018, ABLI published a large study on Regulation of Cross-border Transfers of Personal Data in Asia. It contains a compendium of 14 detailed reports (in all over 400 pages) written by legal practitioners, scholars and researchers in their respective jurisdictions, on the regulation of cross-border data transfers in the wider Asian region, which includes Australia, China, Hong Kong SAR, India, Indonesia, Japan, South Korea, Macau SAR, Malaysia, New Zealand, Philippines, Singapore, Thailand, and Vietnam. Under leadership of Dr Clarisse Girot, Research fellow at ABLI, the report brings together the regulation of data transfers in the jurisdictions mentioned and includes a study of data transfer provisions in Asian data privacy laws to address the wider spectrum of issues that have an impact on the legal framework of cross-border data flows. It will form the basis for a second phase in ABLI’s research: an in-depth study of the differences and commonalities between Asian legal systems on these issues and – where feasible – the drafting of recommendations and/or policy options to achieve convergence in this area of law in Asia.

It is interestng to note that the study apprears in the month in which in Europe tighter regulation on data sharing and international data transfers has been enacted via the General Data Protection Regulation (GDPR). In the introduction to the full report it is also noted that the reports demonstrate how the extraterritorial effects of the GDPR have had their influence. The EU standards guide or inspire reflections on national reforms in Thailand, India, Indonesia, and Hong Kong SAR, while I read that several European concepts have been imported (‘data portability’ in the Philippines, or the ‘right to be forgotten’ in Indonesia and South Korea).

This makes the report an interesting read for European governments, data privacy regulators, law practitioners and the privacy industry as a whole as well. Where many Asian companies operate globally and in future certain Asean guidances will become available, it may be expected that a mutual exchange of ideas can take place and that ‘global’ convergance may be around the corner.