The Hong Kong and Singapore data protection authorities recently signed a Memorandum of Understanding (MOU) to strengthen cooperation in personal data protection between the two jurisdictions. Under the MOU, Hong Kong’s Privacy Commissioner for Personal Data (PCPD) and Singapore’s Personal Data Protection Commission (PDPC) promise to engage in the sharing of experiences and best practice, conduct joint research projects and exchange information regarding potential or ongoing investigations on data breaches.
The MOU was signed in Tokyo on 31 May 2019, at the side-lines of the 51st Asia Pacific Privacy Authorities Forum, by Mr Stephen Kai-yi Wong, the Privacy Commissioner of Hong Kong’s PCPD, and Mr Yeong Zee Kin, Deputy Commissioner of Singapore's PDPC. It is the result of initial discussions between the two authorities in September 2018 to further partnership opportunities and develop bilateral platforms for advancing the protection of personal data.
The MOU is a step forward in cross-jurisdictional efforts to share knowledge and expertise. It allows both jurisdictions to consolidate resources to make further progress in enhancing personal data protection and enjoy collective and sole benefits. Both authorities have publicly expressed their willingness to improve working relations and put together a collaborative framework. Mr Wong noted that the MOU “provides a solid framework for promoting collaborative initiatives and information exchange” in personal data protection. He explained that this cross-jurisdictional collaboration “better prepares Hong Kong to enter into the new ‘post-digital’ era.” Mr Tan Kiat How, Commissioner of Singapore’s PDPC also expressed similar sentiments. He noted that such collaborative efforts should be extended to other jurisdictions as they are “needed to advance personal data protection and prepare for a digital economy.”
The Guide to Data Protection by Design for ICT Systems (DPbD) was recently released as part of the enhanced cooperation between Singapore and Hong Kong. The guide introduces the key principles of personal data protection and outlines best practices for building ICT systems which better protect personal data. It encourages organisations to proactively incorporate data protection considerations when developing ICT systems from the onset, and provides practical guidance for organisations in different phases of their software development.
For the full Guide to Data Protection by Design for ICT Systems, please refer to this link.
This document (and any information accessed through links in this document) is provided for information purposes only and does not constitute legal advice. Professional legal advice should be obtained before taking or refraining from any action as a result of the contents of this document.