Data Protection Lawand Practice in ASEAN
The ASEAN region, which includes the 11 Southeast Asian countries which are members of the Association of Southeast Asian Nations (ASEAN), has seen significant growth in tis digital economy over the past decade. This has been supported by the development of various laws that support the digital economy including laws relating to data protection. Notably, all but 2 members of ASEAN have enacted national data protection laws. While ASEAN has facilitated this through the development of various frameworks relating to data protection, the laws enacted by individual ASEAN members shows significant differences in the approach taken by different jurisdictions, particular in light of specific local concerns and considerations. Organisations operating in the ASEAN region are required to navigate these laws and find effective and business-friendly ways of complying while meeting their strategic objectives and business goals.
This course aims to introduce participants to the framework of data protection laws across the ASEAN region taking into account frameworks are guides developed by ASEAN itself. In particular, this course looks at how the laws of Brunei Darussalam, Malaysia, the Philippines, Singapore, Thailand and Vietnam address key data protection issues. A comparative approach is adopted to highlight significant similarities, common themes, as well as key differences across these countries’ laws. This is intended to enable participants to appreciate how the laws apply in practice to their own organisations, particularly in relation to cross-border aspects of data protection. This includes practical aspects of data protection management and as well as a consideration of how data protection and related laws in the region address key digital economy issues such as artificial intelligence governance, cybersecurity and digital trust.
Participants will have the opportunity to develop a personal framework to better understand and compare data protection laws across different jurisdictions and, through case studies, practical exercises, and discussions, to relate what they learn to their own organisations and context.
Who should attend?
This course is essential for anyone who wishes to develop a good practical understanding of data protection law in a cross-border context, particularly within the ASEAN region. This may include
- Data Protection Officers (DPOs) and Compliance Professionals
- Data Protection / Privacy Counsels and Corporate Counsels
- Data Scientists and Data Analysts
- Information Technology (IT) and Cybersecurity Professionals
- Human Resource (HR) Professionals
- Executives, Managers, and Staff involved in the management, collection, use or other processing of personal data
Course Details
| Course Code: |
DP405 |
| Title: |
Data Protection Law and Practice in ASEAN |
| Duration: |
2 days (approximately 14 contact hours) |
| Mode of Training: |
In-person |
| Available Date(s): |
2- 3 February 2026
10 - 11 March 2026 |
| Time: |
9.00 am - 5.00 pm (SGT) |
| Venue: |
Drew & Napier LLC, 10 Collyer Quay, 10th Floor, Ocean Financial Centre, Singapore 049315 |
| Course Fee: |
S$2,000.00 (excluding GST) |
Course Outline
Day 1
- Introduction to Data Protection and its International Context
- ASEAN Frameworks and Guides for Data Protection
- Overview of Data Protection Laws in ASEAN
- Processing of Personal Data: Finding Common Legal Bases for Processing Across ASEAN
- Care of Personal Data and Data Governance
Day 2
- Outsourcing and Cross-border Transfers of Personal Data within (and beyond) ASEAN
- Protection of Personal Data and Data Breach Notification
- Accountability for Personal Data and Data Protection Management
- Managing Personal Data Across Borders
- Data Protection in the Digital Economy: Artificial Intelligence Governance, Cybersecurity and Digital Trust
Course Facilitator
David N. Alfred
Director, Corporate &
Finance
Co-Head, Data Protection,
Privacy & Cybersecurity
Practice
Co-Head and Programme
Director, Drew Data
Protection &
Cybersecurity Academy
|