JJ Pan has overseen Acxiom’s Asia-Pacific public policy, data ethics, compliance, data governance programs and fair information practices as its APAC Data Ethics Officer since 2012 and said the challenges and achievements as a thought leader in Acxiom have "inspired me in many ways."
Pan's volunteer work for the IAPP over the last five years includes co-chairing the KnowledgeNet Taipei Chapter and presenting a number of lectures. While reflecting on her volunteer efforts, Pan said she values the professional atmosphere she has been part of and finds the advanced knowledge and various peers she is picked up along the way to be most rewarding.
In this Volunteer Spotlight, Pan discusses some of the key characteristics of the data protection landscape in the APAC region while also touching on data ethics, the effectiveness of the APEC Cross-Border Privacy Rules System and the data privacy that lie ahead for APAC privacy professionals.
The Privacy Advisor: In your opinion, what’s the biggest difference in privacy and data protection within APAC countries versus what we see in Europe and the U.S.?
Pan: The APAC region is culturally conservative and geographically segmented compared to the EU and the U.S., so as to the level of regulations and enforcement in data protection. Cybersecurity is inclined to have more focus than privacy. However, enforcement is expected to expand more and be stronger as mobile devices and their apps are being penetrated faster and more often. We're already seeing the number of data breaches increasing in APAC countries.
The Privacy Advisor: What’s an often overlooked aspect of data ethics that deserves more consideration?
Pan: The balance between data monetization and data ethics will sometimes cause difficulties with the trust and confidence consumers have in businesses. Operationalization and accountability are important to ensuring data ethics will be the best solution for businesses; however, on the contrary, these ethics are inclined to be an impractical policy.
The Privacy Advisor: In your compliance experience, what APAC regulatory framework has been most difficult to comply with?
Pan: Each country has its regulatory strengths. In my observations, China is more complicated by the different levels of regulations, national standards and enforcement authorities. However, the regulatory framework in place guarantees the rights of merchants and consumers to be protected, thus boosting the prosperous developments of e-commerce and mobile commerce.
The Privacy Advisor: You’ve been involved with the APEC CBPR system since 2006. How does an organization benefit from being certified?
Pan: The CBPR system is an operationalized framework co-built by government, business and third party accountability agents in each country. The core value is to benefit countries with similar systems and the same goals. Even though the number of countries participating is less than what is expected, APEC already has an aggressive plan to expand participation. With that increased participation, the system will certainly be more effective and influential.
The Privacy Advisor: Is there an emerging APAC data protection issue that needs to be talked about more?
Pan: Artificial intelligence and Internet of Things will be the next challenges, along with more mature technology and higher consumer demands in the coming years. Data ethics by design and operationalized accountability in an algorithm-driven world are especially dynamic and challenging to every stakeholder in the businesses and the whole ecosystem, which deserve more attention from each one of us as an accountable gatekeeper.
Photo by Keagan Henman on Unsplash