How Asean can address the data privacy conundrum

WITHOUT a doubt, Asean is one of the fastest technology adopting regions on the planet. The region's Internet user base has grown from 260 million people in 2015 to 350 million people in 2018, and is forecasted to reach 480 million people by 2020.

This rapid growth, coupled with headline-grabbing data breaches, fake news scandals and the political mainstreaming of social media, has resulted in a flurry of regulatory activity among Asean rule makers. Many, if not all, Asean member states have or are in the process of developing privacy and cyber security laws. Singapore's 2018 Asean chairmanship resulted in the adoption of the Asean Framework on Personal Data Protection and the Asean Framework on Digital Data Governance, a starting point for Asean's version of Internet governance and especially for privacy regulation.

Yet as governments begin the admirable task of developing such privacy regulations, caution must be taken to adhere to some common principles and avoid conflating privacy and security. Privacy refers to rights of personal information while security refers to the protection of personal information.