Bonjour à tous, or shall we say 大家好 !

It has been a busy week for privacy in Asia. Certainly enough to keep us on our toes and prepare for this news digest. 

To start on a high note, it is remarkable the Hong Kong Monetary Authority remains publicly cautious on the use of artificial intelligence in Hong Kong’s banking system. Concerns about bias when using AI are not new, which is a major pain point when companies and governments decide to use it. Using facial recognition to unlock a phone is one thing — "systematic" financial prejudices due to a poor machine learning dataset is a whole new layer of a surreal nightmare. Hopefully, most governments are aware of this risk and are spinning into controlling new technology use, most likely in a bet to restore public trust in said technologies.

This cautionary approach seems to be shared by the Chinese province of Zhejiang’s government, where a draft regulation on how public institutions should collect, use and share personal information during emergencies, e.g., the pandemic, is being discussed. While the text would apply to future incidents, current concerns on the trove of personal information being collected are a driving factor in this conversation. What happens to that data once it is not needed? What happens if the data was stolen or misused?

But it is time to be cautious: Keep an eye on the Chinese Standing Committee meeting between 17 and 20 Aug. The Personal Information Protection Law is on the schedule. That’s right, the draft is up for discussion again. This time, with a twist: It is likely the last discussion session and the draft has a high probability of being passed as is. For organizations dealing with personal information processing in China, it means getting the local team geared up to prepare for a marathon of compliance before the law is enforced.

Speaking of enforcement, the Office of the Australian Information Commissioner launched an investigation into Optus under the Privacy Act 1988 and China’s ongoing campaign against mobile applications abusing personal information. This time China publicly warned 14 app service providers against over-collecting personal information.

Finally, if you have a vested interest in the Japanese Act on the Protection of Personal Information but want to get the text in English, I have good news for you. The Japanese Personal Information Protection Commission released an English version of its amended APPI. Now is the perfect occasion to delve into the text firsthand alongside your favorite seasonal beverage.

Wishing you a good reading of the digest and a good day ahead!