Asia Topic Page

Navigate by Topic

On this topic page, you can find the IAPP’s collection of coverage, analysis and resources related to privacy in Asia. The IAPP Resource Center includes separate topic pages for Australia-New Zealand, China, India and the Middle East.

Featured Resources


Global AI Governance Law and Policy: Singapore

This article analyzes the laws, policies, and broader contextual history and developments relevant to AI governance in Singapore.
Read More


Top-5 Operational Impacts of China’s PIPL

This five-part series examines several facets of the Personal Information Protection Law of the People’s Republic of China.
Read More


5 steps to prepare for India’s DPDPA

This article outlines key steps to take for DPDPA compliance: determining applicability, building data inventories and maps, developing consent mechanisms, enabling data principal rights, and implementing technical measures.
Read More


A practical comparison of the EU, China and ASEAN SCC’s

This resource compares three sets of standard contractual clauses, namely in China, the EU and the ASEAN, based on their key features.
Read More


What does Japan’s External Data Transmission Rule mean?

This article provides an overview of Japan’s External Data Transmission Rule, including who it may apply to and what privacy obligations will fall on covered entities.
Read More


A look at what’s in China’s new SCCs

The Cyberspace Administration of China published standard contractual clauses for transfers of personal data and their implementing regulations. This article outlines the scope and requirements while providing key takeaways privacy professionals should mull moving forward.
Read More

Asia-Pacific Dashboard Digest newsletter

Keep up to date with the most important privacy and data protection news from Asia and Australia-New Zealand by subscribing to the Asia-Pacific Dashboard Digest e-newsletter.

Additional News and Resources

Chinese SCCs are here: Are you ready?

Practical notes for Japan’s important updates of the APPI guidelines and Q&As

Residual issues in Indonesia’s forthcoming Personal Data Protection Law

Hogan Lovells – Asia Pacific Data Protection and Cyber Security Guide

Global Legislative Predictions 2022: Indonesia’s Personal Data Protection Bill

China’s PIPL takes effect, compliance ‘a challenge’

China’s draft algorithm regulations: A first for consumer privacy

China adopts national privacy law

China’s key enforcement agencies and lessons learned from recent actions

Introducing China’s New Privacy Law: PIPL

Analyzing China’s PIPL and how it compares to the EU’s GDPR

The future of data localization and cross-border transfer in China: a unified framework or a patchwork of requirements?

Privacy Updates in China and India: 2 Giants Legislating Data Protection

Japan updates enforcement rules for amended APPI

How to Leverage APEC Accountability Agents for Your Global Privacy & Governance

PDPC commissioner building Singapore’s digital future

Paving the way for meaningful consent under Singapore’s PDPA

A primer on privacy in Asia-Pacific

COVtech in India: Privacy considerations amid COVID-19

APEC announces new US accountability agent for CBPR certifications

Australia’s anti-encryption collision with GDPR sub-processing

As Asia-Pacific rises and integrates, so too could the APEC Cross-Border Privacy Rules

Regional Resources

PCPD – Annual Reports

South Korea approves PIPA enforcement amendments

Sri Lanka’s DPA comes online

What does Japan’s External Data Transmission Rule mean?

Japan, UK reach digital partnership

Japan’s PIPC introduces data mapping toolkit

Singapore PDPC issues reminder of new ‘voluntary undertakings,’ increased fines

Indonesian lawmakers pass data protection bill

Residual issues in Indonesia’s forthcoming Personal Data Protection Law

Philippines’ NPC issues Circular of Administrative Fines guidance

South Korea court overturns law allowing police to access users’ data without notice

PDPC: Data Protection Practices for ICT Systems

South Korea, UK reach adequacy agreement ‘in principle’

Tax worker loses personal data on entire Japanese city

Enforcement of Thailand’s PDPA begins

Singapore’s PDPC creates data anonymization tool

Singapore launches first of its kind AI governance testing framework, toolkit

Singapore – Personal Data Protection Starter Kit For Organizations

Keynote: Zahra Mosawi, Ex-Commissioner, Access to Information Commission of Afghanistan (IAPP Global Privacy Summit 2022)

Global Legislative Predictions 2022: Indonesia’s Personal Data Protection Bill

Areas in Japan turn to electronic surveillance to monitor those with dementia

Japan publishes AI governance guidelines

Practical notes for Japan’s important updates of the APPI guidelines and Q&As

Practical notes for Japan’s amended APPI: How to amend privacy notices

PCPD Commissioner publishes details to better understand PIPL

PCPD details Personal Data (Privacy) Ordinance amendment

PCPD releases guidance on EU’s updated SCCs

Hong Kong passes anti-doxxing privacy bill

South Korea to add surveillance cameras in operating rooms

Social media platforms secure Afghan’s privacy

Hong Kong privacy commissioner publishes AI guidance

Taliban reportedly seize US military biometrics devices

Singapore’s PDPA: What to Know For Incident Response

DOD Inspector General publishes advisory on removing data from Afghanistan

Japan publishes data transfer guide

PCPD publishes guidance on social media, messaging apps

Breach exposes data of Malaysia Airlines’ frequent flyer members

PDPC commissioner building Singapore’s digital future

Installation of surveillance cameras in Kabul raises privacy concerns

Indonesia publishes draft ‘2020–2024 Strategic Plan’

New rules allow Nepal government offices to install CCTV cameras in public places

Paving the way for meaningful consent under Singapore’s PDPA

Malaysia mulling PDPA amendments

PDPC Model AI Governance Framework, Second Edition

Tech companies take measures to protect Kazakhstan users’ privacy

Kazakhstan begins intercepting domestic HTTPS traffic

The European Union and Japan adopt adequacy decisions

New cybersecurity law takes effect in Vietnam