What are the implications of GDPR on businesses in Asia?

As companies are gaining more power with little at stake, it is becoming evident that there needs to be regulations in place to help protect individuals.

The EU General Data Protection Regulation (GDPR) is an effort to rectify the current state of affairs. Coined as “the most important change in data privacy regulation in 20 years”, it is a provision that requires businesses to protect personal data and privacy of EU citizens.

Set to enforce on the 25th May 2018, the GDPR will be a challenge for many companies as they prepare for the changes. In a survey conducted by Propeller Insights said that 53% saw the technology sector being most impacted by the GDPR, followed by online retailers and software companies.

What the GDPR reflects is a growing public concern for privacy protection and a distrust in major companies towards the handling of personal data.  The effects of the distrust from the public on how companies may handle their personal data is also an interesting one. According to an RSA report on data privacy and security, due to concerns of data being resold and unwanted marketing, 41% of respondent said they would intentionally falsify data when signing up for services online.

What does this mean for the future?

While GDPR states that the rules would apply to EU citizens, GDPR would also have an impact on entities operating outside of European jurisdiction as long as they are managing EU citizens information. For example, if companies or even service providers manages EU citizens personal information when they work as expats in Asia Pacific region, GDPR regulation will also apply.

Under the GDPR, companies will have to report  a breach within 72-hours. This stringent regulation would mean that companies will have to be more mindful and aware of the processes that goes into the handling of personal data. The GDPR will also be putting pressure on companies to be more responsible for the data they own rather than seeing it as a limitless mining asset.

We predict that GDPR will not only reshape how companies would operate in terms of technology and services but also the way companies manages their data and information security framework globally.

Is your company ready for GDPR? Learn more on the official EU GDPR portal.

Nick Lambe

Group Managing Director, Links International