Head-to-head: Should Asia adopt a GDPR-style data privacy law?

Author: | Published: 26 Feb 2019

Q: Should Asia adopt a GDPR-style data privacy law?


Dmitri Hubbard, head of risk management, Hong Kong Law Society

Despite its recent zeitgeist, privacy is an ancient concept. Civitas Romana saw ancient Roman citizens as coming before the state, and separate from the state.

Now global reality has fundamentally changed. We live with mobile phones, the internet, analytics, and an information explosion. Thus in May 2018 the EU's General Data Protection Regulation (GDPR) came into force to commit to the protection of the individual against the arbitrary use of state or corporate power. The GDPR has come in answer to the question: if data is the new oil, then are internet and data businesses the new oil companies? Regulation dictates the polluter must pay to enjoy the benefit.

Meanwhile, in Asia-Pacific, data privacy laws have incrementally developed over time, haphazardly, like a patchwork quilt. Some jurisdictions started relatively early...