India ramps up plans for world's largest facial-recognition system

(Sep 20, 2019) Plans for the world's largest facial-recognition network have begun to take shape in India, the South China Morning Post reports. A bidding process will open next month for developers interested in building a centralized facial-recognition data hub that will gather data from surveillance cameras across India. The move is stirring privacy concerns as India is working without privacy legislation. "We’re the only functional democracy which will set up such as system without any data protection or p... Read More

IT minister seeks to maintain India's data sovereignty

(Sep 20, 2019) The Economic Times reports India IT Minister Ravi Shankar Prasad has announced that the government is committed to harnessing the power of the country's data and doing so for the country's benefit. "The super sensitive data, the sensitive data must remain in India," Prasad said at a recent conference. Prasad cited health care data as a potential source for new breakthroughs and innovations, while it could also harvest results in creating solutions and medicines.Full Story... Read More

Notes from the Asia-Pacific region, 20 Sept. 2019

(Sep 19, 2019) Greetings, privacy pros! Numerous concepts and analogies about personal data have been discussed by key stakeholders in India. The Ministry of Electronics & Information Technology has created a multi-stakeholder committee to deliberate on data governance for non-personal information and the possible regulation on use of such data. The committee discusses large-scale “community” data as a natural resource that will be the growth engine of the economy. This would supplement the data governan... Read More

Philippines seeking APEC CBPR certification

(Sep 19, 2019) The Philippine Star reports the National Privacy Commission in the Philippines has submitted its application to become the ninth economy to join the Asia Pacific Economic Cooperation Cross-Border Privacy Rules. "Our certification would be recognized in all jurisdictions. For companies that would require cross border flows with the Philippines, this would be a seal of good housekeeping so to speak, that the company they are dealing with has reached that standard," Privacy Commissioner Raymund Lib... Read More

Industry prefers detailed crafting of India's non-personal data regulation

(Sep 19, 2019) The Economic Times reports India's industry advocates are calling for the government to be mindful of drawing a line when composing a draft non-personal data regulation. While there has been a committee assigned to explore the issue of non-personal data, industry has concerns that anonymized, community and e-commerce data may be lumped into a personal data legislation. Data Security Council of India CEO Rama Vedashree said non-personal data sharing should be voluntary and incentivized, adding th... Read More

Indian government stands firm on WhatsApp message tracing

(Sep 19, 2019) The Telegraph reports India's government has remained insistent that Facebook add traceability to flagged WhatsApp messages. Instead of standard traceability, Facebook Global Affairs and Communications Vice President Nick Clegg recently proposed to IT Minister Ravi Shankar Prasad a mechanism for WhatsApp to act on threatening messages made through the platform. Facebook has argued to officials that adding message tracing would go against its policy on privacy and end-to-end encryption.Full Story... Read More

Hong Kong telecom fined HK$84K for violating PDPO

(Sep 19, 2019) Hong Kong's Office of the Privacy Commissioner for Personal Data has announced a fine of HK$84,000 against telecom SmarTone Mobile Communications for violations of the Personal Data (Privacy) Ordinance. The company was originally charged with a record 23 violations before being convicted of 14. The charges stem from SmarTone's lack of compliance related to a data subject requesting the company exclude her personal data from direct marketing campaigns.Full Story... Read More

Victoria uploads license data to state system, refuses sharing across agencies

(Sep 19, 2019) Technology Decisions reports Australia's Victorian government has agreed to upload state driver's license data to the federal government's National Driver Licence Facial Recognition Solution but will not allow access to federal agencies and other states. The state government's position comes as it awaits improved provisions within the proposed Identity-matching Services Bill that is being considered by Australia's Parliament. "The public needs to be able to trust that governments can adequately ... Read More

Personal information of millions exposed in Malaysian airline breach

(Sep 19, 2019) The South China Morning Post reports Malaysia-based airline Malindo Air and its subsidiaries have confirmed they've been hit with a data breach affecting millions of its customers. The exact number of affected customers is unknown; however, customers' passport details, home addresses and phone numbers were all involved in the breach. "We found out about this breach last week. We and a third party vendor are checking as we speak, and will come up with a statement soon. We will advise passengers a... Read More

Tide Foundation introduces 'splintering' as encryption solution

(Sep 18, 2019) In an effort to protect against data breaches, the Tide Foundation has introduced a new approach to encryption called "splintering," TechRepublic reports. The not-for-profit open source foundation is using "an encryption scheme that distributes password authentication across a decentralized network." Tide Foundation Co-Founder Yuval Hertzog recognizes the process isn’t perfect, saying, "Our mechanism, while it's not solving all the password issues, is actually narrowing down the solution to at l... Read More