New industry network to bolster data protection in ASEAN

A group of universities, certification bodies, law firms and data protection experts have banded together to form an industry network that hopes to shore up the data protection capabilities of organisations in Southeast Asia.

The first of its kind in the region, the Data Protection Excellence (Dpex) network will assist organisations and individuals new to data protection laws by providing hands-on training and professional certification courses.

Spearheaded by data protection consultancy Straits Interactive and Singapore Management University (SMU), it will also promote sharing of best practices and research in data protection and operational compliance across the region.

The formation of the Dpex network comes at a time when demand for data protection expertise is growing.

According to the International Association of Privacy Professionals (IAPP), more than 28,000 data protection officers (DPOs) will be needed in the European Union, and as many as 75,000 around the globe as a result of the General Data Protection Regulation (GDPR).

With DPOs being a mandatory requirement in Singapore and in the Philippines, research by Straits Interactive has shown that more than 10,000 data protection professionals will be needed in Singapore alone in the next three years.

Singapore, along with neighbouring Malaysia and the Philippines, are already enforcing local data protection laws, while Indonesia and Thailand are expected to follow suit by the end of 2018.

In Singapore, current and aspiring DPOs can take up two new SMU advanced certificate courses, leading to an advanced diploma in data protection and the Professional Conversion Programme (PCP) for DPOs.

The advanced certificates, which cover data protection principles and operational requirements of data protection laws in ASEAN, Greater China and the European Union, are targeted at non-legal professionals interested in data privacy and protection.

Through the PCP, those training to become DPOs are also matched with employers participating in the same programme, thus lowering the cost of hiring data protection staff, particularly for small and medium-sized enterprises.

Lim Lai Cheng, executive director of SMU Academy, the professional training arm of SMU, said the institution had been partnering the industry and tuning in to the needs of various sectors and areas, such as data protection.

“We see a big potential here, having successfully trained close to 500 undergraduates and individuals in our hands-on data protection officer course thus far, as part of our professional continuing education programme,” she added.

Straits Interactive CEO Kevin Shepherdson said such training initiatives would help to “professionalise the role of the data protection officer, training individuals to attain international certification standards and making a concrete contribution to meeting the demand for data protection expertise in Singapore as well as in the ASEAN region”.

Besides Straits Interactive and SMU, other Dpex members include the Islamic University of Malaysia, Indonesian information security specialist Xynexis, the IAPP, Dutch certification body Exin, the Open Compliance Ethic Group, European legal publisher Lexxion, European Institute of Technology Science Centre Foundation, as well as legal firms Lyn Boxall and FMH Law.