Support Centre

Asia-Pacific Bodies


Law: There is no general personal data protection law applicable across the Asia-Pacific.

Regulator: There is no general personal data protection regulator applicable across the Asia-Pacific.

Summary: There are multiple groups of jurisdictions that are formally established within the Asia-Pacific region. Of these, the two most influential in relation to personal data protection are the Asia-Pacific Economic Cooperation ('APEC') and the Association of Southeast Asian Nations ('ASEAN'). Both of these groups have issued several frameworks and pieces of guidance to instruct governments and guide uniform approaches to personal data protection. While most of these are non-binding, some have more significant effects. The Asia-Pacific Economic Cooperation Cross-Border Privacy Rules ('APEC CBPR') system, for instance, is a data transfer mechanism that enables the free flow of personal data among participating economies where certain requirements are met. In addition, bespoke agreements are regularly made between jurisdictions to enable data sharing or align data protection practices. Although there is notable disparity among approaches to data protection within the Asia-Pacific region, these groups and agreements are seeking to establish essential standards and promote harmonisation.


In this Insight article, Huzaifah Sehgal, from Walker Martineau Saleem LLP, explores the rapid rise of artificial intelligence (AI) in the Asia-Pacific region, its impact on various industries, the challenges related to AI regulation, and the need for an accountable and ethical approach to foster trust and further integration of AI technologies in the APAC region.

Diversity and inclusion programmes are becoming increasingly popular across the globe due to a growth in awareness and a demand for organisations to support values, such as equity and inclusion. While actively engaging in diversity and inclusion initiatives may help organisations to better understand, manage, and develop the business, it is not always clear what data can, and cannot, be included in diversity monitoring surveys or what the rules are for such data collection.

The legal requirements surrounding information relating to an individual's race, gender, ethnicity, sexuality, and health differ from country to country, with some classifying such data as 'sensitive data', while others view it under the umbrella of 'personal information'.

OneTrust DataGuidance Research has consulted with a number of legal experts operating within the Asia Pacific region in order to uncover the requirements for the collection and use of employee data for diversity and inclusion surveys. The countries covered in this Insight article include Australia, China, Singapore, Japan, Hong Kong, and India.