Time |
Session |
09.00
|
Registration
|
09.30
|
Asia Overview
Regional developments and what we are seeing in the market
Professor Graham Greenleaf and Adrian Fisher
|
09.45
|
China
- A coherent set of data protection laws by the Cybersecurity Law and the ’standard' after two years
- Developments in personal data rules – moving towards a single framework or continued fragmentation?
- China’s updated draft cross-border rules
- The new and uncertain data localisation and data export rules, and the risks involved for foreign companies
- Will the ‘Chinese model’ be emulated elsewhere?
Adrian Fisher (Lead)
|
10.15
|
Japan
- The modest and inadequate reforms of 2015
- ‘Adequacy’, but only if your data comes from Europe, not from Japan or elsewhere
- The EU shuts the ‘Japanese back door’ on APEC-CBPRs transfers to US companies
- Lack of evidence that the DPA enforces the law
- The Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP) and Prime Minister, Shinzō Abe’s ‘Data Free Flow With Trust’(DFFT): What does it mean?
Graham Greenleaf (Lead)
|
10.45
|
Questions and Answers
|
11.00
|
Coffee
|
11.15
|
Singapore
- Enforcement trends, for example, recent Personal Data Protection Commission (PDPC) decisions
- Proposed amendments to the Personal Data Protection Act (PDPA), for example, to legal bases for processing and breach notification; data portability
- PDPC’s approach to data and innovation, for example, the Artificial Intelligence (AI) governance framework and regulatory sandbox
- Strong enforcement, but with a S$1million limit
- Fashioning a complex set of alternative approaches to data export
Adrian Fisher (Lead)
|
11.45
|
Korea
- Further strengthening of enforcement: EU-level administrative penalties in use; statutory damages
- Confusion over DPA powers, and Bills to resolve this issue which affect adequacy
- A different path to EU adequacy: implementing GDPR-level protections for Koreans and others
- Prescriptive requirements for transferring personal data out of Korea
Graham Greenleaf (Lead)
|
12.15
|
Other developments across the region
- Thailand: Personal Data Protection Act now in force; Establishment of the Personal Data Protection Committee; Entry into force; Extra-Territorial application
- Hong Kong: The Cathay Pacific decision
- India: The Puttaswamy Case sets the parameters; the Srikrishna draft Bill: a GDPR-influenced law, but with distinctive differences; the Indian approach to data localisation differs from China’s; another Asian model for possible emulation
Professor Graham Greenleaf and Adrian Fisher
|
12.45
|
Major developments expected across other Asian jurisdictions in the next 12 months
Professor Graham Greenleaf and Adrian Fisher
|
13.00
|
Questions and Answers
|
13.15
|
Lunch hosted by Linklaters
|
14.15
|
Roundtable
A confidential exchange of experience with case studies
- Challenges and issues that arise in the implementation of a global data privacy project across the diverse countries of the APAC region
- Dealing with different legal bases for processing personal data
- Cross border transfers
- New/untested regulators
- The overlay of cybersecurity laws that are emerging in some countries
- Other
Please note: the Roundtable is optional and no additional cost, but places are limited. The Roundtable is fully booked - if you would like to attend this part of the day we can add you to the waiting list.
|
16.15
|
Close
|