Deloitte Asia Pacific Privacy Guide


Deloitte Asia Pacific Privacy Guide

In its second edition, the guide expands on the original and provides more granular privacy considerations when handling personal information across an ever changing and diverse APAC region.

Working locally, thinking globally

The APAC region is home to some of the world’s fastest growing economies and businesses, where information sharing across borders is becoming more critical to increasing capability and leveraging different skill sets. While business and technology are increasingly without borders, privacy laws certainly are not. Like the cultures they emanate from, privacy laws differ considerably across the Asia Pacific.

Today, more than ever, organisations need to keep up-to-date with the diverse privacy regulatory landscape in order to minimise privacy risk, maintain and build trust with customers, and create sustainable and productive business networks. The guide provides a wealth of information on how to prepare for upcoming trends and changes to mandated privacy requirements.

Technology is enabling more personalised services and products for consumers. As organisations prepare to compete in delivering high quality products and services to consumers, they need to understand intimate details about the customer – but this needs to be done safely. Research shows that a new breed of consumers are very prepared to opt out. Consumers now have a baseline expectation of organisations to protect their privacy and their personal information. This means that if an organisation is able to demonstrate a minimum level of protection for personal information, it could be a key differentiator with competitors. Doing privacy well not only creates a competitive edge, it also helps avoid heat from regulators, fines, reputational damage and loss of market share.


Key emerging trends in the region:

  • Governments throughout the APAC region are strengthening their privacy and data protection frameworks.
  • The European Union (EU) General Data Protection Regulation (GDPR) is influencing a number of Asia Pacific countries to obtain an EU adequacy status once their privacy policies and frameworks have been strengthened. Currently, New Zealand and Japan are the only countries within the Asia Pacific region with an adequacy decision.
  • A move towards alignment of regulations and expectations regarding how personal information is handled and protected through the Asia Pacific Economic Cooperation Cross Border Privacy Rules.
  • A significant increase in the number of data breaches impacting millions of individuals globally, data breach notification is becoming an important base-line requirement within a country's privacy law.
  • Respecting individual rights is becoming more important for organisations to foster and maintain trust.
Asia Pacific Privacy Guide
Did you find this useful?