Monday, March 8, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

Data-Sharing Regulations Heat Up in 2020

Emerging Policy Trends to Watch

by Seha Yatim
April 22, 2020
in Data Privacy, Featured
gauge with needle on fire

Access Partnership’s Seha Yatim contributes to the discussion on tech policy trends, offering predictions for increased data-sharing regulations this year.

Our data is collected by almost every service we use. Many companies, from social media platforms to content platforms, e-marketplaces and search engines, rely on an advertising-driven, data-tracking business model to sustain themselves. Traditional industries, such as telecommunications, hardware and aviation also collect customer data to personalize services and improve efficiency. However, the introduction of the EU’s GDPR and recent high-profile personal data breaches have put the collection and use of data under increased regulatory scrutiny.

2020 will be the year of regulation on data sharing. In Europe, the EU Commission had indicated they will work on the ePrivacy Regulation that aims to regulate how companies share data. Regulators in Asia are also deliberating this topic. Australia’s Consumer Data Right rules for the banking sector will be implemented in July 2020 and will extend to the energy and telecommunications industries. Japan introduced “information banks” to encourage data sharing while Singapore launched the “Trusted Data Sharing Framework” in 2019 and is striving for higher adoption in 2020. As more countries prepare to launch 5G networks, further collaboration among ecosystem partners will be encouraged. In this context, we anticipate several policy trends surrounding data sharing to emerge in 2020.

Prescriptive Regulation

With the aim of minimizing risks for stakeholders, regulators may introduce prescriptive and burdensome data-sharing laws. They could require data to be stored locally, mandate a local trust certification, require companies to conform to standards set by incumbents and instruct companies to categorize shared data to the point that it is no longer useful. Such regulation does not consider the different ways companies operate. It raises compliance costs and heightens security risks if data sharing is forced without every player having the appropriate levels of protection.

Protecting the Consumer but Impeding Innovation

Although policymakers naturally aim to protect consumers from data monetization practices, this can impede innovation – as the EU’s GDPR has shown. Technologies such as artificial intelligence and IoT need large amounts of high-quality data, and when data is difficult to access, firms may choose to relocate to countries with less inhibitive laws. A common view among industry players is that excessive regulation does not stop innovation, it just moves it elsewhere. Stakeholders must work together to ensure that this does not happen and develop tools to build trust in data sharing.

Favoring Local Players

Competition regulators are wary of big international companies that hold large amounts of data. They are concerned that these companies reinforce their dominant market position by processing data to tailor their services – making it difficult for consumers to switch providers.

Additionally, regulators suspect that they use their position to force smaller players to share data with them. The Japan Fair Trade Commission has completed studies in this area. In October 2019, it released its report on trade practices on digital platforms and indicated that, moving forward, they will examine if digital platform operators use data from companies using their platforms for their own sales. Policymakers’ desire to promote local industry may motivate them to create barriers for international companies by inhibiting data-sharing practices and imposing broad provisions that include the sharing of proprietary data. As the public-private discourse risks being dominated by a small number of domestic companies, it is important for all segments of industry to be involved in discussions of data sharing in the local and regional policy environment.

No Differentiation Between Consumer and Non-Consumer Data

Data-sharing discussions tend to be disproportionately focused on personal data and to disregard other forms of data collected about environment and equipment. This non-consumer data is very valuable. For example, sensors in a factory collect data about the life cycle of equipment for companies to conduct predictive maintenance. It is also useful in determining when cracks may appear at mining sites, saving workers’ lives. There are always ways for those with malicious intent to misuse data; however, policymakers must be aware of the different types of data, such as consumer and non-consumer data, and tailor their approach appropriately so as to encourage data sharing while ensuring adequate protection.

Unsymmetrical Regional Regulations

Although governments understand the importance of accessing data to develop artificial intelligence and fintech, governments have different national priorities and appetites for risk. This could result in differing national data-sharing regulations with varying requirements and processes. Unsymmetrical regulations across regions will inhibit data-sharing activities and raise compliance costs, as tailored approaches will be needed for each market. Companies could choose to work through regional groupings and multilateral organizations to identify a common baseline that could then be adopted across different markets.

Penalties That Inhibit Data Sharing

Penalties exist to motivate stakeholders to comply with regulations and should encourage companies to collaborate, share data and be held accountable. Most importantly, penalties should correspond with the objectives of data-sharing regulation. Introducing harsh penalties like jail time for employees or very high fines could critically affect the profitability of a company and, in turn, create a culture that opposes collaboration and data sharing.

What Does This Mean for You?

Businesses must track new developments in data-sharing regulation as they evolve, especially in Asia, where the regulatory environment is more volatile and unpredictable. Companies can no longer collect and use data without facing consequences, and they need a flexible approach to gain the trust of consumers and regulators. Companies that can quickly adapt to these trends will have a competitive advantage and still be able to leverage the benefits of data sharing. In Asia, the lack of homogeneity – from culture to levels of readiness – means companies need to adopt a nuanced approach to be successful.


The pieces in this series have been extracted from a larger report by Access Partnership on the trajectory of tech policy in 2020. The next and final installment will discuss the internet of things, providing a primer on past and future regulatory motions.


Tags: Artificial Intelligence/A.I.fintech
Previous Post

New CCPA, GDPR TPRM Privacy Guidelines and Checklists from Shared Assessments

Next Post

When Global Disasters Strike: Other Theories of Excused Performance

Seha Yatim

Seha Yatim is a Policy Manager for Asia & the U.S. at Access Partnership, a global public policy consultancy for the tech sector. Seha helps companies navigate the technology-related regulatory and policy environment in the Asia-Pacific region, with a special focus on ASEAN. She analyses various technology policies including data privacy, cybersecurity, technology risk, smart cities and others. With her acute sense of business impacts, she also identifies opportunities for clients to enable them to expand their business and achieve their goals. Prior to joining Access Partnership, Seha worked for the world’s largest package delivery company to raise thought leadership on trade and industry issues such as cross-border trade, e-commerce, high tech, industrial manufacturing and free trade agreements. She began her career in the Singapore Ministry of Manpower, where she formulated and executed communications plans for foreign manpower policies, as well as labor-trafficking issues. Seha holds a Master of Science in International Relations from the S. Rajaratnam School of International Studies and a Bachelor of Business Management from the Singapore Management University. She is a Certified Information Privacy Professional/Asia (CIPP/A) and is fluent in English and Malay.

Related Posts

Webianr grpahic for behavox and CCI roundtable

The Power of AI in Financial Services Compliance

March 8, 2021
green and red location markers on map

FinCEN’s Registry Will Be a Game-Changer. It Will Also Place an Added Burden on Corporations.

March 5, 2021
illustration of man under giant gavel

BitPay’s $507K OFAC Sanctions Violations Settlement

March 4, 2021
The facade of the SEC in Washington, D.C.

Prepare Now to Comply with SEC’s Updated MD&A and Related Financial Disclosure Requirements

March 3, 2021
Next Post
illustration of figures shaking hands torn down the middle

When Global Disasters Strike: Other Theories of Excused Performance

OneTrust offers download to demonstrate privacy management leadership
Access realtime data
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence ESG fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights