Current Status of ASEAN Data Governance and Its Implications for the Digital Economy Framework Agreement
Date:
28 January 2025Type:
Discussion PapersTags:
data governance, Data Free Flow with Trust, DFFT, Digital Economy Framework Agreement, DEFAPrint Article:
The transition to data-driven societies has heightened the importance of balancing the free flow of data with robust data protection for privacy, intellectual property, trade secrets, and national security. While different countries have introduced various data governance frameworks, including comprehensive privacy laws, differences in regulations across borders hinder data flow, increasing compliance costs and limiting business expansion, especially for small and medium-sized enterprises. The concept of Data Free Flow with Trust (DFFT), introduced at the G20 in 2019, aims to address this balance by promoting interoperability while respecting national sovereignty. In ASEAN, however, regulatory fragmentation further complicates cross-border data flow. Variations in data localisation policies and personal data governance amongst ASEAN Member States (AMS) create significant challenges for businesses. For instance, differences in requirements for sensitive data, data subject rights, and security measures necessitate additional compliance efforts for companies operating in multiple jurisdictions. Moreover, non-personal data regulations, such as restrictions on supply chain and research and development (R&D) data sharing or mandatory technology transfers, impede global R&D collaboration and discourage investment in certain countries. This study provides a comprehensive analysis of data-related regulations in ASEAN and proposes policy recommendations for the ASEAN Digital Economy Framework Agreement (DEFA), set for 2025. It highlights the need for transparency, regulatory alignment, and various mechanisms to ensure smoother cross-border data flow, ultimately fostering regional digital integration.
