This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
| 1 minute read

Are You Prepared for Data Privacy Regulation in Asia?

What it takes for a company to be resilient is constantly evolving, driven by macro socio-economic disruptions and micro business issues influencing a change in business models. Against this backdrop, we are delighted to be partnering up with Conventus Law for a four-part podcast series “The Resilience Agenda”, which focuses on the key areas where organisations can protect value and take action, to address critical issues and mitigate risks.

It is clear that we are in a period of rapid regulatory evolution with respect to data privacy, with data protection standards rising in the Asia region, and with lawmakers now showing greater resolve to penalise those who fail to meet the mark. As Julie Brill, Chief Privacy Officer and Corporate Vice-President for Global Privacy and Regulatory Affairs, Microsoft says, “The regulatory tsunami is coming”. With an ever-evolving array of global data protection laws to contend with, we are already seeing the wheels of change in motion as the data privacy laws of several Asian jurisdictions are being updated to reflect more closely the European data protection regime (e.g. PIPL).

In FTI Consulting’s Resilience Barometer® survey 31% of organisations surveyed said they expect their company to be investigated by regulatory/ government bodies in the next 12 months over data privacy issues. Furthermore, a significant portion of organisations surveyed (42%) said they are still mainly reactive in managing risks around data privacy issues to businesses, or not managing this at all.

If a company is to be prepared for this kind of detailed examination, taking proactive risk mitigation measures can actually serve as an opportunity to add business value. The ever-changing landscape will put the onus on companies to take a proactive stance to prepare for a new era of public scrutiny and potential investigations that might follow either at the demands of the regulators or other concerned stakeholders.

In this episode, myself and my fellow Technology colleagues Sandeep Jadav and Tim de Sousa unpack these issues and the state of regulations in the data privacy space in Asia, and address how businesses can tackle these challenges head on. 

The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, Inc., its management, its subsidiaries, its affiliates, or its other professionals. 

FTI Consulting, Inc., including its subsidiaries and affiliates, is a consulting firm and is not a certified public accounting firm or a law firm.

I don't think the regulatory tsunami is coming, I think it's here, and I think it's been here for some time. We've seen mandatory data breach laws introduced in Singapore, New Zealand completely rewrote their Privacy Act recently. China has brought in the PIPL. Australia is currently reviewing its Privacy Act, and even the longtime holdouts, the US are finally considering a federal privacy law. So I think it's all happening, and we're in the middle of it, and it's going to keep going for a few years.


data, data privacy, data protection, regulation, technology, digital forensics, e-discovery & managed review, information governance privacy & security, risk & compliance, policy & regulation, investigations & monitorships