惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Cisco Talos Blog
Cisco Talos Blog
V
V2EX
C
Check Point Blog
GbyAI
GbyAI
D
Docker
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
B
Blog RSS Feed
H
Hackread – Cybersecurity News, Data Breaches, AI and More
N
Netflix TechBlog - Medium
T
Troy Hunt's Blog
博客园 - Franky
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Microsoft Security Blog
Microsoft Security Blog
P
Privacy & Cybersecurity Law Blog
WordPress大学
WordPress大学
The Cloudflare Blog
S
SegmentFault 最新的问题
Latest news
Latest news
Microsoft Azure Blog
Microsoft Azure Blog
P
Proofpoint News Feed
I
InfoQ
博客园 - 【当耐特】
NISL@THU
NISL@THU
A
About on SuperTechFans
T
Tailwind CSS Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
The Hacker News
The Hacker News
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Scott Helme
Scott Helme
雷峰网
雷峰网
C
CXSECURITY Database RSS Feed - CXSecurity.com
Security Latest
Security Latest
V
Vulnerabilities – Threatpost
Security Archives - TechRepublic
Security Archives - TechRepublic
A
Arctic Wolf
Hacker News: Ask HN
Hacker News: Ask HN
N
News and Events Feed by Topic
IT之家
IT之家
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
aimingoo的专栏
aimingoo的专栏
T
Threat Research - Cisco Blogs
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
阮一峰的网络日志
阮一峰的网络日志
SecWiki News
SecWiki News
大猫的无限游戏
大猫的无限游戏
S
Security Affairs
The Register - Security
The Register - Security
www.infosecurity-magazine.com
www.infosecurity-magazine.com
L
LINUX DO - 热门话题
T
Tor Project blog

Future of Privacy Forum

FPF Submits Comments to Inform California Children’s Social Media Protections Rulemaking Process Mandating “Evidence-Based” Suicide Detection in Chatbots Data Brokers & Beyond: Navigating New Jersey’s Data Broker & “Data Collector” Registration Law - Future of Privacy Forum FPF Hosts Frontiers Workshop on Privacy, AI, and Emerging Infrastructure FPF’s 2026 DC Privacy Forum: Leading Voices in AI, Privacy and Emerging Technology Understanding Data Embassies and Corridors Perseverance Pays Off for Vermont Privacy Efforts Future of Privacy Forum Announces 2026 Career Achievement Award Recipients - Future of Privacy Forum Future of Privacy Forum Releases Comprehensive Report On Algorithmic Personalization in Youth Online Experiences Frontier AI Goes Federal: How the Great American AI Act Compares to State Laws Privacy Becomes You, Bayou State: A Look at the Louisiana Data Privacy Act Comparing Enacted App Store Accountability Acts - Future of Privacy Forum No Silver Bullet, But a Silver Lining? PETs and International Data Transfers Career Choice in the AI Age: What Next for Privacy and Data Professionals? FPF Releases Practitioner Guides on Privacy Enhancing Technologies for Education Stakeholders SB 5 in Five: What to Know About Connecticut’s New AI Law Third Time’s the Charm: Connecticut Enacts Annual Privacy Update - Future of Privacy Forum Colorado Revises Its AI Act: What Changed and Why The EU Commission’s Approach to Age Verification: Mobile Apps, DSA Enforcement, and Challenging National Social Media Bans Taking stock: The Impact of the India AI Impact Summit 2026 The New(ish) Architecture of Consumer Health and Artificial Intelligence Celebrating Another Year of Privacy and AI Governance: FPF at the 2026 IAPP Global Summit - Future of Privacy Forum Adapting the Privacy Profession to Changing Times More Parties, More Risks, More Opportunity? Evolving Governance to Support Cyber Resilience Amidst Evolving Policy and Technological Change Contextualizing the Proposed SECURE Data Act in the State Privacy Landscape FPF on the Securing and Establishing Consumer Uniform Rights and Enforcement Over Data ("SECURE Data") Act The Alabama Personal Data Protection Act Brings Consumer Privacy to the Heart of Dixie The Price is Right: Responsible Uses of Personal Data in Pricing Red Lines under the EU AI Act: Restricting Real-time Remote Biometric Identification Systems for Law Enforcement Purposes The Rest of the West: Oregon and Washington Build on California Chatbot Law Red Lines under the EU AI Act: Understanding the prohibition of biometric categorization for certain sensitive characteristics 2026 Chatbot Legislation Tracker Red Lines under EU AI Act: Unpacking the prohibition of emotion recognition in the workplace and education institutions Privacy Protections Coming Sooner Rather Than Later to the Sooner State Navigating Autonomy and Privacy in Emerging AgeTech: Insights from the FPF Roundtable Incentives or Obligations? The U.S. Regulatory Approach to Voluntary AI Governance Standards Red Lines under the EU AI Act: Understanding the ban of the untargeted scraping of facial images and facial recognition databases
Navigating Cross-Border Data Transfers in the ASEAN Region: An Analysis of Developments from 2023 to 2026
https://www.facebook.com/FutureofPrivacy · 2026-07-16 · via Future of Privacy Forum

Deputy Director for Asia-Pacific and China

Josh Lee Kok Thong

Managing Director for APAC

Today, the Future of Privacy Forum (FPF) published an Issue Brief comparatively analyzing developments in cross-border data transfer regulations in the Asia-Pacific (APAC) from 2023 to 2026. Titled Navigating Cross-Border Data Transfers in the APAC Region: An Analysis of Developments from 2023 to 2026, the Issue Brief examines the rapidly evolving landscape of cross-border data transfers in the last few years, and builds upon a 2023 Issue Brief first released by FPF covering developments from 2021 to 2023. 

Cross-border data transfers are pivotal in enabling the global digital economy and facilitating digital trade. These transfers allow businesses to provide services globally, while allowing individuals access to a wide range of digital services and platforms. Yet, cross-border data transfers also raise legitimate concerns regarding the protection of individuals’ privacy and security.

This tension remains the core challenge for data protection laws in the APAC region. The Report, however, finds that there are shifts in the balance, particularly along the following the trends:

  • APAC jurisdictions are increasingly converging around safeguards-based mechanisms, such as Standard Contractual Clauses (SCCs) and Binding Corporate Rules (BCRs);
  • The adoption of “whitelisting” mechanisms is expanding in the APAC region, while some APAC jurisdictions have adopted a “blacklisting” approach;
  • Despite the liberalisation of requirements in some jurisdictions, new restrictions on CBDTs are emerging in others;
  • There is a growing trend towards requiring organisations to conduct Transfer Impact Assessments (TIAs); 
  • Regional frameworks and initiatives are gaining traction to reduce fragmentation; and
  • Regulators are equipping themselves with stronger enforcement tools, thus raising the possible repercussions for organizations that fail to comply with CBDT requirements.

These trends, along with the emergence of several new data protection laws as well as the amendment of several existing data protection laws across a number of key APAC jurisdictions, marks a more complex and yet, in some ways, converging, compliance picture for organizations in the region. In particular, it illustrates a dual dynamic: convergence towards international safeguards and accountability standards, along with divergence in localisation and sovereignty-driven measures. 

Beyond these, the Issue Brief now provides detailed jurisdictional updates of 14 APAC jurisdictions — a significant increase from the six covered in the first edition of the Issue Brief.

For deeper analysis of these points and of the cross-border data transfer provisions for each of the 14 jurisdictions covered, download the Issue Brief here.

For inquiries about this Issue Brief, please contact Josh Lee Kok Thong, Managing Director (APAC), at [email protected], or Dominic Paulger, Deputy Director (APAC), at [email protected].

Please note that nothing in this Issue Brief should be construed as legal advice.