The APPDI 5th Breakfast Meeting
Thursday, 9 July 2026
07:00 – 10:45 WIB
The APPDI 5th Breakfast Meeting Read More »
APPDI Participates in National Coordination Meeting on the Transitional Implementation Framework of Indonesia’s Personal Data Protection Law
The Personal Data Protection Act 2010 Malaysia (PDPA) provides the principal legal framework governing personal data protection in Malaysia. Among its enforcement mechanisms, Section 108 empowers the Personal Data Protection Commissioner (“Commissioner”) to issue enforcement notices where a data user is either contravening a provision of the Act or has contravened it in circumstances making further contravention likely…
From Soft Law to Hard Consequences: DPIA Guideline and the Expanding Reach of Section 108 PDPA
The Personal Data Protection Act 2010 Malaysia (PDPA) provides the principal legal framework governing personal data protection in Malaysia. Among its enforcement mechanisms, Section 108 empowers the Personal Data Protection Commissioner (“Commissioner”) to issue enforcement notices where a data user is either contravening a provision of the Act or has contravened it in circumstances making further contravention likely…
US Supreme Court Struck Down a Tariff – It Did Not Strike Down A Treaty : Implications on Renegotiations for Emerging Countries
The US Supreme Court in Learning Resources, Inc. v. Trump ruled that IEEPA (International Economic Emergency Powers Act) does not authorize the President to impose unilateral tariffs. Countries that had already signed Agreements…
Designing Accountability, Managing Exposure: MCIPD and Section 133 PDPA
What has received far less attention — yet carries significant governance implications — is how Standard 9.2, read together with Guideline 9.3, intersects with Section 133 of the Personal Data Protection Act 2010 (PDPA)…
Designing Accountability, Managing Exposure: MCIPD and Section 133 PDPA Read More »
Comprehensive Legal and Policy Analysis of the Draft Law on Personal Data Protection of the Kingdom of Cambodia
This report presents a comprehensive legal and policy analysis of the Draft Law on Personal Data Protection of the Kingdom of Cambodia. It aims to support the Ministry of Post and Telecommunications (MPTC) in refining and strengthening the draft to ensure that the final law achieves its intended objectives of safeguarding personal data…
Comprehensive Legal and Policy Analysis of the Draft Law on Personal Data Protection of the Kingdom of Cambodia
Across Europe, the Americas, Asia, and Africa, modern data protection regimes increasingly empower regulators to impose direct administrative financial penalties for non-compliance. ASEAN has followed the same trajectory. Regulators are no longer satisfied with guidance, warnings, or post-incident explanations…
Administrative Fines Are Becoming the Enforcement Norm — Why Malaysia Remains the Exception
Across Europe, the Americas, Asia, and Africa, modern data protection regimes increasingly empower regulators to impose direct administrative financial penalties for non-compliance. ASEAN has followed the same trajectory. Regulators are no longer satisfied with guidance, warnings, or post-incident explanations…
Unpacking Constitutional Court Decision on Adequacy, Appropriate Safeguards, and Consent for International Data Transfer (Decision No. 137/PUU-XXIII/2025)
The Indonesian Constitutional Court (Mahkamah Konstitusi) rendered judgment in Case No. 137/PUU-XXIII/2025 addressing Article 56 of Law No. 27 Year 2022 on Personal Data Protection (UU PDP) governing international data transfers…
Trade Without Borders, Data with Rules: Understanding ASEAN–U.S. Data Transfers
U.S.–ASEAN bilateral Agreements on Reciprocal Tariffs (ART) commitments reveal that cross-border data flows are far more complex than many assume. These agreements vary significantly across countries, and domestic laws remain decisive…
Trade Without Borders, Data with Rules: Understanding ASEAN–U.S. Data Transfers Read More »
