Is GDPR and Compliance Enough for Entities Operating in Asia?

Nasa Photo.jpg

By: David Chen and L. Hannah Ji

The EU General Data Protection Regulation (GDPR), which came into effect in May 2018, is widely considered them most comprehensive data protection law in the world. Many businesses treat GDPR as an international standard, an assume that as long as they comply with it, they will satisfy all other international requirements as well. While it is generally true that GDPR constitutes the most wide-ranging data handling regulation to date, it does not necessarily set the highest bar in all areas. In particular, Asia’s data protection policies differ from GDPR in a few key areas. A business that fails to account for these differences may fully comply with GDPR and still run afoul of Asia’s laws, subjecting itself to the possibility of fines, penalties, or other legal actions.

Continue reading the full article in the Association of Corporate Counsel (ACC) Docket here .