By Tiffany Li*
As of publication
date, University of New South Wales Law Professor Graham Greenleaf’s Asian Data Privacy Laws: Trade and Human Rights Perspectives is the only comprehensive book available that examines and
aggregates the privacy laws of countries across Asia. This is important because
on an international level, Asian privacy law is relatively underdeveloped when
compared with the privacy law of other regions including the Americas and
Europe. With the rise of Asia as an economic and technological powerhouse,
Asian privacy laws are becoming increasingly crucial to any serious study of
international privacy law. Understanding the current status of privacy laws in
Asia is also essential for any U.S. or international entity that seeks to
influence or adapt to the future direction of privacy law both in Asia and, by extension,
the world.
In this landmark
treatise, Greenleaf begins with an overview of the international field of
privacy law as it currently stands, situating Asian data privacy law within the
context of (a) the larger history of Asian privacy protection and (b) the wide
range of privacy regimes in other regions of the world. The book then continues
with proposed methodological standards for comparing privacy laws across Asia,
before delving into the laws of each nation, with dedicated chapters for Hong
Kong, South Korea, Taiwan, China, Japan, Macau, Singapore, Malaysia and other
ASEAN nations, as well as India and other SAARC nations.
Though the
intricacies of each Asian nation’s particular collection of privacy regulations
and case law are fascinating to read, Greenleaf’s treatise has greater impact when
taking into account the prominent role that Asian privacy laws will have in the
future geopolitical economy. While Greenleaf’s treatise on Asian data privacy
laws obviously does not focus on the U.S., the treatise is a welcome addition
to the foundational reference materials for any U.S. privacy scholar, given the
growing importance of Asian and international privacy laws on the future of the
U.S. private sector.
From a U.S.
perspective, this book, and Asian privacy law in general, may perhaps be most
enlightening because of the impact of developing Asian privacy laws on the
livelihood of U.S. corporations. In terms of privacy law, the U.S. favors a
sectorial approach, with no omnibus national privacy law. Instead, privacy law
in the U.S. is ruled by different laws and regulations for each sector—HIPAA for health data privacy, ECPA for e-mail privacy, RFPA and other related laws for consumer financial information
privacy, and so on.
In contrast, most
other nations and regions with well-developed privacy laws generally have
centralized omnibus laws that apply to all sectors of industry—the most
well-known and most influential of these laws being the E.U. Data Protection Directive. On a global scale, the U.S. sectorial
approach to privacy law has been heavily debated, criticized as American
exceptionalism by some (including Greenleaf), but defended as uniquely adapted to
U.S. needs by others.
As Asian countries
develop stronger privacy regimes, it is likely that, as Greenleaf proposes, the
E.U. Directive and other omnibus privacy regulations will have heavy influence
over the direction of Asian privacy laws. In the same vein, Greenleaf argues
that U.S. privacy laws will have less influence on the future development of
Asian privacy laws. Greenleaf explains:
“Although
the influence of US companies and its government will remain extremely
important, the USA is in an increasingly isolated position in not having a
national data privacy law covering its private sector, and this puts it in an
increasingly defensive position when attempting to influence global data
privacy standards.”
While it is overly
simplistic to state that the U.S. has an ingrained national tendency toward
business-friendly laws, it is not too extreme to suggest that American
corporations (particularly in the information technology sector) have a
strongly vested interest in ensuring that the U.S. maintains some degree of
influence on the future trajectory of privacy laws in Asia and the world at
large. As such, an understanding of Asian data privacy laws is essential for
the U.S. tech sector, and comprehensive treatises like Greenleaf’s should not
be overlooked by the American legal community.
Throughout the
treatise, Greenleaf includes much more thoughtful analysis on a variety of
topics regarding the past, present, and future of Asian data privacy laws. The book’s
greatest strength is its comprehensiveness, though the book excels more in
breadth than depth (understandably, given the size of the topic and the fact
that this is, after all, a general treatise addressing laws from all of Asia).
In particular, more attention could have been paid to discussions of the
cultural and sociopolitical environments of each nation and the manner in which
privacy laws will or should best develop accordingly. Additionally, though Greenleaf
offers compelling arguments for rejecting the weight much modern privacy
scholarship has given to the influence of the APEC principles, his analysis
(when delivered in brief) is perhaps too readily dismissive.
Greenleaf concludes
the treatise with “cautious optimism” for the future of Asian data privacy
laws. He emphasizes that though Asian data privacy laws are still in their
relative infancy, he believes that “there are grounds for optimism, but not
overconfidence, that in future they will restore a better balance between the
human right of privacy and other interests.” It is impossible to divine exactly
how Asian privacy law will develop, but with this treatise, Greenleaf has
created a laudable resource for privacy scholars in the U.S. and abroad.
*Tiffany C. Li is a Privacy Fellow
at the Wikimedia Foundation. (Opinions expressed in this article are those of
the author and do not necessarily reflect those of the Wikimedia Foundation or
any other entity.) Tiffany is also a Certified Information Privacy Professional
(CIPP/US, CIPP/E) and a 2014 graduate of Georgetown Law. Follow her on Twitter
at @tiffanycli.
0 comments:
Post a Comment