Developing Legal Frameworks for Privacy Laws in APAC
1. Developing a Legal
Framework for Privacy
Claro Parlade
Senior Privacy Counsel,
Asia-Pacific
Google Confidential and Proprietary
2. APAC Privacy Law
Revising Privacy Laws
•Australia
•New Zealand
•Hong Kong
New and pending Privacy Laws
•Korea
•Malaysia
•Philippines
•Taiwan
•Singapore
•India
•Thailand
Google Confidential and Proprietary
3. Considerations
• Public Policy Goals
• Economic Impact of Privacy Regulation
o Cost-benefit analysis
• Need for Capacity-building
• Developing Public awareness
o Shared responsibility
Google Confidential and Proprietary
4. Characteristics
• Principles-based
• Technology and Device Neutral
• Clarity in scope
• Focused on outcomes, not on procedure
• Innovation-Friendly
Google Confidential and Proprietary
5. APEC Privacy Framework
• APEC’s 21 member economies outpaced the rest of the
world in 2011 with a growth rate of 4.1%. APEC’s
estimated growth in 2012 4.3% (vs. rest of the world at
3.5%) [see http://publications.apec.org/publication-detail.php?pub_id=1284]
• The Data Privacy Subgroup developed the APEC
Privacy Framework in 2004
• The Framework is a set of nine principles to assist APEC
economies in developing privacy approaches that
maximize privacy protection and the continuity of cross-
border information flows
Google Confidential and Proprietary
6. APEC Privacy Principles
1)Preventing Harm
2)Notice
3)Use
4)Collection Limitation
5)Choice
6)Security Safeguards
7)Integrity
8)Access and Correction
9)Accountability
Google Confidential and Proprietary
7. APEC CBPR
• The Framework states that international implementation
of these principles may be achieved through Cross
Border Privacy Rules (CBPRs)
• CBPRs are a set of voluntary rules developed by an
organization based upon the APEC Privacy Principles
• The organization then commits to apply these rules to its
activities involving transfers of personal information
across borders
Source: APEC-DPS
Google Confidential and Proprietary