Following the EU’s General Data Protection Regulation (GDPR), which took effect on 25 May 2018, the Hong Kong’s Privacy Commissioner for Personal Data has spoken about possible reform of privacy law in Hong Kong and has encouraged organisations in Hong Kong to adopt an ‘ethical’ approach to how they handle personal data.
There has also been – and will continue to be – developments in China and wide-ranging reform throughout the wider APAC region. As a result, privacy issues are now on the radar of boards and senior management in organisations and appear to be here to stay.
In this Briefing, we review how the GDPR has been enforced since it took effect, including how its reach has been felt outside the EU, and explain why the GDPR is not an end of privacy law reform, but only the beginning.