ASIAN TIMES: DATA & AI (202408)
OneCompliance Consulting
One-stop compliance worldwide for privacy and finance
?? Welcome to OneCompliance's Newsletter – Your Source for the Latest in Data, AI, and Privacy Across the Asian Market!
?? Stay in the loop with our curated updates, trends, and insights.
1.??? EU and China launch Cross-Border Data Flow Communication Mechanism
Sabine Weyand, director-general of DG Trade at the European Commission, met online yesterday with Vice-Minister Wang Jingtao of the Cyberspace Administration of China to formally launch the new mechanism.?
The mechanism will focus on practical solutions to address problems European companies face in China regarding cross-border flows of non-personal data.
?
2.??? India passed Digital Personal Data Protection Act 2023
On 3 August 2023, the Lower House of the Indian parliament – the Lok Sabha – passed the Narendra Modi government’s?Digital Personal Data Protection Bill, 2023. The bill became law after the Rajya Sabha – the parliament’s Upper House – passed the bill on 9 August 2023.?
The new data protection act marks an important moment in India’s digital economy and governance. Undoubtedly, this law will have a massive impact on India’s economy as sectors digitalize rapidly.
3.??? Philippines: NPC issued Circular on CCTV Systems
The National Privacy Commission (NPC) issued NPC Circular No. 2024-02, which provides an updated policy framework for the use of Closed-Circuit Television (CCTV) systems by personal information controllers (PICs) and personal information processors (PIPs). The Circular, which was published today, 12 August 2024, shall take effect after fifteen days following the completion of publication or on 27 August 2024, outlines the responsibilities and obligations of entities using CCTV systems to ensure compliance with the Data Privacy Act of 2012 (DPA).
The Circular applies to CCTV systems used by PICs and PIPs that process personal data. Excluded from the scope of the Circular are those CCTV systems used for purely personal, family, or household affairs, and lawful surveillance.
?
4.??? Hong Kong issues generative AI guidelines to banks to avoid bias against consumers
Hong Kong’s de facto central bank is urging financial institutions in the city to follow a new set of guidelines when using?generative artificial intelligence (GenAI)?in consumer-facing applications, as adoption grows in the banking sector.
?Banks looking to use GenAI in their products should follow a range of principles, including ensuring customers can choose to opt out of using the technology and that?AI?models do not lead to unfair bias or disadvantage certain consumer groups, the Hong Kong Monetary Authority (HKMA) said in a notice on Monday. Company boards and senior management should also “remain accountable for all the GenAI-driven decisions and processes”, according to the document.
领英推荐
5.??? Hong Kong: Privacy watchdog issues New Code of Practice on Identity Card Information
The Office of the Privacy Commissioner for Personal Data (PCPD) announced on Thursday a new code of practice to ensure that companies are handling the collection of ID card information carefully to prevent leakage.
The Hong Kong identity card (ID Card) contains sensitive personal data, and the leakage of such data may lead to identity theft and the perpetration of fraud.
Hence, organizations should be particularly careful when they collect and handle data from ID Cards and ensure they comply with the relevant requirements of the Personal Data (Privacy) Ordinance.
?
6.??? Thailand: PDPC Fines Major It Products Retailer THB 7 Million Following Data Breach
On 21st?August 2024, the?Personal Data Protection Committee (PDPC) of Thailand's Ministry of Digital Economy and Society (MDES)?announced that it had issued a fine of THB 7 million on?J.I.B. Computer Group Co., Ltd. (JIB)?for violations of the Personal Data Protection Act (PDPA) following a data breach. The PDPC noted that it was the first administrative fine issued under the PDPA.
The PDPC reported that a data breach occurred at JIB, an online IT products retailer, leading to the unauthorized exposure of personal data to a call center group known for using such information to perpetrate fraud.
?
7.??? Saudi Arabia: SDAIA publishes Rules for DPO appointment
On August 27, 2024, the Saudi Data & Artificial Intelligence Authority (SDAIA) published Rules on Appointing a Personal Data Protection Officer (the Rules),?following public consultation.
The Rules aim to set minimum requirements for appointing a data protection officer (DPO), clarify cases in which a controller must appoint a DPO, and determine the DPO's roles and tasks.
?