Greetings from Hong Kong!
I'm writing to you as a special correspondent from the International Data Protection and Privacy Commissioners Conference, the 39th edition of which is being held here in Hong Kong. Without question, Hong Kong Commissioner Stephen Wong has pulled out all the stops in making sure the event is impressive in every respect.
Having been to a number of these events, from Warsaw to Amsterdam, I can say that the conference's location here in Asia provides a distinct flavor that sets it apart from those held in Europe, especially. Many of the Asian commissioners have taken effort to note that the culture of privacy here is a relatively new phenomenon. In Korea, we were told, it was a sign of neighborliness to know the private details of your friends and colleagues. In the Philippines, we heard, the people have big hearts and want to know more about you so that they can better and more quickly be your friend. In China, privacy was a concept more centered around the family unit than the individual.
All this informs the different ways in which privacy regulators oversee compliance with their respective country laws.
One thing that's clear is that Asian regulators see a dual nature to their roles. On one hand, yes, they have an imperative to protect the privacy rights of their citizenry. But perhaps more important in their minds is to educate organizations about their responsibilities in the handling of personal data. We have heard about numerous efforts to produce materials, events and tools that will help their constituent companies develop a culture of privacy and data protection.
More than one Asian regulator repeated this mantra: It is better to prevent than to cure.
Of course, many European regulators take similar efforts to inform and educate, but in Asia, privacy regulation seems particularly collaborative with business. In Singapore, we heard, the PDCP is developing what they are calling "regulatory sandboxes," where organizations can bring products for testing and examination. In China, we heard, the regulators feel it is important for Chinese technology firms to weigh in on how new technology innovation might help protect privacy as it uses data in new and interesting ways.
As the ICDPPC moves back to Brussels and Bulgaria next year, happening a few months after the GDPR comes into force, it will be interesting to see the contrast, on one hand, and how much of this first Asian conference in almost two decades informs the event's posture, on the other.
If you want to comment on this post, you need to login.