Upload
herman-poole
View
40
Download
2
Tags:
Embed Size (px)
DESCRIPTION
LegalTech Asia DATA PRIVACY LAWS UPDATE. Edward Chatterton 4 March 2013. Agenda and Introduction. International data protection landscape – trends Asia Pacific Data Privacy Heat Map and recent developments Why it is relevant to Law firms and their IT Departments - PowerPoint PPT Presentation
Citation preview
LegalTech AsiaDATA PRIVACY LAWS UPDATE
Edward Chatterton
4 March 2013
Agenda and Introduction
1. International data protection landscape – trends
3. Asia Pacific Data Privacy Heat Map and recent developments
4. Why it is relevant to Law firms and their IT Departments
5. Compliance Building Blocks
6. DLA Piper - Data Privacy Laws of the World
23 August 2012Data Protection Master Class 2
No.
of
coun
trie
s w
ith p
rivac
y la
ws
Time Period
The growth of global privacy laws
3
Asia Pacific Heat Map
Date of presentationInsert filename here 4
Heat MapRecent Highlights
• Hong Kong – new amendment ordinance passed in June, to come into force in phases starting from 1 October, major provisions coming into force on 1 April 2013
• Philippines – 1st DP law recently passed influenced EU Directive the Asia Pacific Economic Cooperation Information Privacy Framework.
• South Korea – new (and draconian) law came into
force in September 2011
• Malaysia – 1st DP law passed in April 2010, still awaiting to come into force
• Singapore – 1st DP law now passed. Bill published
• Vietnam – consumer protection law (which protects consumer data) took effect July 2011
• Taiwan – new DP act to come into force 1 Oct 2012 (in parts)
Why it matters to Law firms and their IT departments?
Law Firms often/always …
Collect customer, employee, supplier, agents… information and store these in centralised marketing databases
Transfer personal data across international borders
Hire employees
Use or process personal data
Transfer personal data to others
Outsource HR and payroll functions to others either within or ourside their corporate group
Provide Consolidated IT services to service multinational practices across separate country based partnerships
Outsource data management functions to others (e.g. cloud)?
Do direct marketing
5
… at your own risk
Increasing regulation
Criminal prosecution
Imprisonment
Fines
Reputational damage
Civil actions
Regulatory investigation
Enforcement actions
6
Compliance building blocks
7
What compliance might look like……
8
Policies and procedures
Statement of requirements
DPA notifications
Global data protection policy
Governance and accountability
• HR • Client data• Direct marketing• Records management• Electronic usage• Security• Social media• Vendors• Cookie• CCTV
Data transfer agreement
Training and awareness
Verification and audit
country variations
country variations
country variations
• Generic code of conduct
• Statement of good practice
• Local law compliance on top of this
• Sets structure for other components
Data Protection Master Class 23 August 2012
We already know what the law says….
9Data Protection Master Class 23 August 2012
Thank you