|
David Llewelyn |
David Llewelyn is Deputy Dean and Professor (Practice) at Singapore Management University’s School of Law. He is also Professor of Intellectual Property Law at King’s College London; and sits as an arbitrator in international commercial disputes. David is an IP Adjudicator at the Intellectual Property Office of Singapore and author of leading texts on UK and EU trade marks and intellectual property law, as well as Cases, Materials and Commentary on Singapore Intellectual Property Law (2018) and business book Invisible Gold in Asia: Creating Wealth through Intellectual Property (2010). He has been appointed by the Singapore Court of Appeal as amicus curiae in cases involving trade marks, copyright and patents, and practices through his law firm David Llewelyn & Co LLC. |
Synopsis
Data and data management has emerged as the most important driver for modern economic change and development. New industries have emerged from the use of data and with data as the core asset, while many traditional models of business are ‘disrupted’ or drastically changed due to the changes in the format of products, the nature of services and the innovations to delivery methods. Personal data is an important category of data as it involves issues of privacy and an individual’s rights to self.
Artificial Intelligence (A.I.) has become an integral tool for the management of data, including personal data, as it provides greater accuracy and efficiency. This provides challenges for regulators as A.I. gives rise to potential lack of transparency and oversight, and to potentially far ranging and damaging abuse. The regulation of data collectors and their use of A.I. in relation to data management have not been a feature of data protection laws for many years, but it is increasingly becoming the focus of newer principles and legal provisions. At the same time, A.I. can also be a regulatory tool to ensure compliance and accountability, and to further personal data rights and interests (e.g. through data portability and privacy by design requirements).
Should personal data handled by A.I. be treated any differently under regulation? What role can A.I. play in regulation and security? How has A.I. increasingly become a feature in data protection laws? Is creating a form of propertisation of personal data and ‘data ownership’ useful? These are some of the lingering questions that regulators are currently grappling with.
The data protection regime in Singapore’s Personal Data Protection Act (PDPA) have been in force for five years and will undergo major changes in its next revision after a period of extensive review, it is thus timely to consider these amendments, how A.I. features in the PDPA 2.0 and the future role of A.I. in the management and protection of personal data. Reference will be made to similar trends in other jurisdictions, in particular the E.U. and the General Data Protection Regulation (GDPR) of 2019 where relevant.
Speaker
|
Warren B. Chik |
Warren researches, writes and teaches in the areas law that intersect with Infocomm Tech, Digital Media, Data Protection and Disruptive Innovation. He is looking into issues relating to ‘Fake News’ or ‘False Information’ from both legal and non-legal perspectives. |
Synopsis
The benefits of transborder data flows for innovation, productivity and sustainable growth have been clearly evidenced, and will be critical for AI-led development. However, recent years have also seen a proliferation of data sovereignty measures, imposing data residency or localisation requirements on certain sectors of industry or types of data (e.g. China and Indonesia). Such restrictions may advance legitimate public policy objectives (protection of personal data, national security), but others appear purely protectionist. This presentation will consider the potential impact of data sovereignty concerns on AI infrastructures and applications, as well how sovereignty issues are reflected in both trade agreements and private law agreements.
Speaker
|
Ian Walden |
Ian Walden is Professor of Information and Communications Law and Director of the Centre for Commercial Law Studies, Queen Mary, University of London. His publications include Media Law and Practice (2009), Free and Open Source Software (2013), Computer Crimes and Digital Investigations (2nd ed., 2016) and Telecommunications Law and Regulation (5th ed., 2018). Ian has been a visiting professor at the universities of Texas, Melbourne and KU Leuven. Ian has been involved in law reform projects for the World Bank, European Commission, Council of Europe, Commonwealth and UNCTAD, as well as numerous individual states. Ian was a ‘expert nationaux détaché’ to the European Commission (1995-96); Board Member and Trustee of the Internet Watch Foundation (2004-09); on the Executive Board of the UK Council for Child Internet Safety (2010-12); the Press Complaints Commission (2009-14), a member of the RUSI Independent Surveillance Review (2014-15) and is a member of the Code Adjudication Panel at the Phone-paid Services Authority (2016- ). Ian is a member of the Commission’s Expert Group to support the application of the GDPR. Ian is a solicitor and Of Counsel to Baker McKenzie. Ian leads Queen Mary’s qLegal initiative and is a principal investigator on the Cloud Legal Project. |
Synopsis
In Southeast Asia, consumers’ habits are changing: more and more people are interacting on social media, shopping online, booking transport and buying food through mobile apps, and watching movies online. In a joint report released by Google and Temasek in 2018, it is projected that the digital economy will continue to grow rapidly in the Southeast Asia region, soaring to US$240 billion by 2025.[1] At the same time, around the world, data-driven global tech companies, such as Alibaba, Tencent, Facebook, Google, are increasingly coming under attack for their insufficient protection of users’ personal data. Regulators are under mounting pressure to constantly revise and innovate their regulatory approaches. The Singapore regulator, in particular, is at the point of considering reform to its current legislation which takes a balanced approach and provides base line protection to data subjects. Significantly, Singapore is part of ASEAN and given its legal infrastructure and appeal to AI tech giants, is at a promising position to take regional leadership in privacy protection.
However, whilst regulation is needed, it should not be looked upon as the only solution. Indeed, “heavy-handed” regulations and vague regulatory obligations are perceived to be business barriers. Further, the popular regulatory approach of prescribing checklist obligations (seeking consent, data portability etc) has been criticised for encouraging symbolic compliance because the interpretation of the obligations are outsourced to engineers.
Is there a greater role for private law principles in the protection of personal data? To do so effectively, private law principles require internal innovation. This paper examines two hotly-debated concepts: regulating personal data through property law concept of ownership and the American conception of “information fiduciary”. This paper identifies the respective strengths and weaknesses of both concepts, as well as discuss the feasibility of their implementation in practice. These concepts may be implemented as private law principles per se, operating within the common law ecosystem. Alternatively, and for legal transplant considerations, they may inspire new regulatory approaches. One advantage these private law concepts may have over checklist regulatory obligations is that the responsibility of interpretation rests with lawyers. It will also be examined whether these private law conceptions, however implemented, may better achieve the aims of Singapore to enhance consumer trust and promote industry diversification.
Speaker
|
Yip Man |
Yip Man is an Associate Professor of Law in the School of Law at the Singapore Management University. She graduated with an LL.B. from the National University of Singapore. After completing her pupilage and a brief stint as an associate at Allen & Gledhill LLP (Litigation and Dispute Resolution Department), she went on to obtain her B.C.L. from the University of Oxford, where she was in residence at Keble College. After completing her B.C.L. studies, she joined WongPartnership LLP (Litigation and Dispute Resolution Group (Commercial & Corporate Disputes)) as an associate, where she practised mainly in the area of international commercial arbitration. She joined Singapore Management University, School of Law in July 2010 as Assistant Professor of Law and was promoted to Associate Professor (with tenure) on 1 January 2017. She is presently the Deputy Director of the Centre for Cross-Border Commercial Law in Asia and the Private Law Cluster Coordinator at the School of Law. Her principal research interests are in unjust enrichment and restitution, equity and trusts, private international law, contract law and remedies. Her work has been cited by the Singapore Court of Appeal, the Singapore High Court and the High Court of England and Wales. In recognition of her research, she was awarded the DS Lee Fellowship in 2016 and the Lee Kong Chian Fellowship in 2018. |
|
Lanx Goh |
Lanx Goh is the Senior Legal Counsel, Privacy & Cybersecurity Lead and Global Data Protection Officer for Klook Travel Technology Pte Ltd. He was formerly the Head of Investigation at the Personal Data Protection Commission, and was involved in the review process of the Personal Data Protection Act. He is an Adjunct Assistant Professor and Adjunct Lecturer with National University of Singapore, Faculty of Law and Singapore Management University, School of Law respectively where he developed and co-teach the Privacy & Data Protection Law courses. He is also one of the authors for the 2nd Edition of Simon Chesterman (ed), Data Protection Law in Singapore: Privacy and Sovereignty in an Interconnected World. By invitations, he had published articles for peer-reviewed journals in Japan, Singapore and the United Kingdom on privacy, data protection and cybersecurity laws as well as international commercial litigation and arbitration. He had also spoken at various conferences and seminars such as Data Privacy Asia, IAPP Asia Privacy Forum, NUS CLE Seminar Series and Customer Privacy & Data Protection Asia Summit. |
|
KK Lim |
KK heads the firm’s Cybersecurity, Privacy and Data Protection Practice Group. He has more than 25 years of experience in technology advisory and commercial matters, with a focus in representing clients and advising matters involving privacy and data protection, cybersecurity, mobile security, audit and compliance advisory. This includes technology investments due diligence. Apart from technology law, he is also involved in the emerging fields of cyber insurance and matters relating to the digital economy such as data governance, artificial intelligence and block chain. His other practice areas include employment matters such as employment disputes, work injury compensation and trust & private wealth management. A well-recognised figure in the information security and legal technology fraternity; he is often invited to speak on technology law, risk compliance and cybersecurity and data protection in conferences and forums. Prior to being called to the Singapore Bar, KK worked for both the public and private sectors such as the Singapore Government, PLCs listed in Singapore and New York in the fields of technology policy, market research and information security consulting and data privacy including being the Chief Privacy Officer (APAC) for a global healthcare research company. He has also published in Privacy Advisor, a publication of the International Association of Privacy Professionals (IAPP) and was the inaugural chapter contributor on Singapore in Global Privacy & Security Law, a publication of Wolters Kluwer. He holds a Bachelor of Arts in Government and Psychology (University of Texas at Austin), a Bachelor of Laws (Monash University), a Master of Laws (National University of Singapore), a Specialist Diploma in Information Systems Security (Temasek Polytechnic) and completed the Certified Information Security Manager (CISM) and Associate Estate Planning Practitioner (AEPP) programmes respectively. He is currently the Chairman of the Cybersecurity and Data Protection Committee of the Law Society of Singapore. He is a co-founding member of the Association of Information Security Professionals (Singapore), Teaching Consultant to The Institute of Systems Science (ISS) at the National University of Singapore and Adjunct Associate at the Singapore Institute of Technology and an Accredited Mediator of The Law Society of Singapore Mediation Scheme. |
