Kia ora from Aotearoa New Zealand,
Itâ€™s great to have the opportunity to highlight some of the interesting privacy matters happening in the Asia-Pacific region currently, but, before doing so, I would like to draw attention to the iappANZ Summit taking place in a few weeksâ€™ time in Melbourne â€” 1 and 2 Nov.
The agenda for the Summit is focusing on “Privacy: Handling the Seismic Shift.” 2018 has seen unprecedented local and global attention on privacy, and we will explore the impact of this, along with trends in privacy innovation, technology, regulation and media. We have a wonderful mix of highly regarded New Zealand and Australian speakers, as well as some terrific keynote speakers joining us from the U.K. and the U.S. Please check it out, and come and join us. There are a few tickets remaining.
Strictly speaking, the Asia-Pacific Dashboard Digest should focus on this vast region. However, privacy reach is truly global, not bound by regional boundaries. There are some good examples of this currently. The extraterritorial scope of the GDPR will undoubtedly interest or impact those of us in the region who have GDPR-compliance obligations.
The cyberattack on the financial credit card details of 380,000 British Airways customers (Iâ€™m a little biased here, given my role as CPO for Air New Zealand) will raise many questions for organizations to consider when the EU investigation takes off and will provide an early indication of whether BAâ€™s actions taken pre- and post-incident were â€œadequateâ€� or will result in regulatory action. Any global customer could have been caught up in this incident simply by purchasing tickets via BA. Therefore, BA has been offering compensation to global travelers, which could be significant, especially given many customers BA communicated with werenâ€™t told whether their card details had indeed been â€œstolen.â€� I wonder how this will play out in reality, and we should all be watching with interest as to how these travelers are compensated.
The effect of this incident on customer trust globally, however, is the difficult one to put a figure on. The airline that was once dubbed the â€œworldâ€™s best airlineâ€� is suffering reputational damage, with share value reduced by nearly 4 percent and awareness of this incident having the global reach that the GDPR set out to achieve.
We also see privacy’s global reach with the Indian Central Bureau of Investigation registration of a preliminary inquiry against Cambridge Analytica, writing to Facebook and Cambridge Analytica to obtain more information on their well-publicized incident. They are keen to determine if the personal data of Indians was compromised through harvesting and misuse.
You can also read below the views of Victorian Privacy and Data Protection Deputy Commissioner Rachel Dixon, who says that â€œwith public debates over My Health Record and new tech surveillance laws, the public is now more informed about these issues than ever before.â€�
I believe that â€œpublicâ€� awareness is now global; we are not just paying attention to what might impact us close to home, but we are being ever vigilant about what might hit us from across the oceans, as well.