Privacy Accountability Management Framework for Data Controllers Operating Across Asia
97 Pages Posted: 14 Nov 2014
Date Written: July 31, 2014
For data controllers operating across Asian jurisdictions that have data protection laws, the adoption of a privacy management programme, through the use of privacy accountability framework, could demonstrate to privacy regulators and customers their commitments to the protection of personal data, and to earn their trust.
However, many of the available privacy accountability frameworks pre-dated the majority of Asian data protection laws so it is unclear how suitable they are for data controllers operating across Asia.
This dissertation therefore seeks to answer the question “If a data controller is to implement accountability, which accountability framework, with or without modifications, can be practically deployed by data controllers operating across Asian jurisdictions?”
The study examined six privacy accountability frameworks available in the public domain, selected the Nymity Accountability Framework as the most creditable, practical and relevant framework and compared it with the data protection laws of nine Asian jurisdictions to identify gaps.
With a view to improving its user-friendliness to Asian data controllers who are often new to data protection legislation, the framework was then further analysed for improvements in terms of manageability and wording.
The result of the study is a number of proposals believed to make the framework more readily applicable to data controllers operating across Asia.
Keywords: Asian, Asia, privacy, data protection, Accountability Framework, Nymity, privacy management programme, privacy management program
Suggested Citation: Suggested Citation