While most of these laws are based on the GDPR’s framework, some nations have made their data laws extremely strict as well.
And this is where it gets tricky. Most of the big tech players want to have a strong presence in the region. Yet, as data privacy laws get stricter, most of them would move to another country with laxer laws.
Hong Kong, which is a hub in APAC for most of these companies, is about to experience a huge shift in the technological landscape as China plans to make changes to its privacy laws. As reported by Reuters, Facebook, Google, and Twitter are some of the companies that could potentially cease operations in the territory should officials implement the amended data protection laws that could hold these tech giants liable for doxxing campaigns.
According to reports, the Asia Internet Coalition, which includes the three tech companies above, asserted that the changes to the law may affect freedom of speech. The coalition urged Hong Kong to narrow down the scope of violations.
While data privacy laws are generally meant to protect the privacy of consumers, there have been concerns about freedom of speech and access to unregulated internet. For example, both Google and Facebook can’t be accessed in China.
Interestingly, if Facebook, Google, and Twitter do move their operations out of Hong Kong, Southeast Asia (SEA) would likely be the most suitable region for a relocation. Singapore, which already has stringent data privacy laws in place, is already an established technological hub in the region. The island nation is also home to the regional offices of these companies as well.
Data centers are a crucial infrastructure to enable tech providers to serve their customers. As it stands, SEA also happens to already be home to several data centers by large tech organizations. Local data privacy laws have seen to it that these companies that set their infrastructure up locally meet all compliance and regulations set.
Indonesia is one of the fastest-growing economies and is also home to the highest number of tech users in the region. However, in Indonesia, data regulations are unclear, although data is not allowed to leave the country — it has to be analyzed and stored locally. To meet these requirements, companies like Amazon Web Services (AWS), Alibaba, Google, and several others have invested in data centers in the region. These players cater to growing tech demands, but at the same time also ensure that they meet all compliance and data privacy regulations set by the governments of the countries they set up in.
Interestingly Alibaba also plans to launch its first data center in the Philippines for its cloud services. The US$1 billion funding is expected to boost tech and start-up talent across APAC. In Malaysia, Alibaba is also planning to build an international innovation center as a one-stop innovation enablement platform for Malaysian small and medium enterprises (SMEs).
Going back to data privacy, countries like the Philippines and Malaysia still do not have strong data privacy laws. While there exist some regulations of sorts to protect user data, there are still loopholes that need to be addressed. Southeast Asia still has some work to be done when it comes to implementing adequate privacy and security laws, but they are headed in the right direction.
Whilst proper regulations and laws ensure that data is well protected, they also need to be sensible and not impose restrictions that are too harsh. While international businesses can choose to pick another place to operate should privacy laws not favor them, local enterprises, especially SMEs, may not be able to do so.