Australian and regional regulatory responses to the key challenges of consumer protection in electronic commerce (March 2008)
4.3. Privacy and data protection
At present there are no laws enacted in ASEAN that deal with privacy and personal data protection. Three member countries have draft legislation in place, however it is uncertain in some member countries when the legislation will be enacted. Instead of implementing laws, Singapore has chosen to adopt a self-regulatory approach through the Model Data Protection Code.
This lack of coverage is perhaps different from international developments and regulation in other nations around the world. Most developed countries, have legislation regulating the use and handling of personal information by businesses and government agencies and organisations.
ASEAN is currently considering a proposal to examine the harmonisation of privacy and data protection legal infrastructure across the ten ASEAN Member Countries.
The APEC Privacy Framework promotes a consistent approach to information privacy protection across APEC member economies. The Framework includes nine privacy principles for businesses operating in APEC economies.
In June 2007, the APEC E-Commerce Steering Group Data Privacy Subgroup met in Cairns to develop APEC Data Privacy Pathfinder projects with a focus on cross-border privacy rules. The Pathfinder projects were formally endorsed at the meeting of APEC Ministers in Sydney in September 2007.
 TrustSG, Model Data Protection Code, 2003, <http://www.trustsg.com.sg/downloads/Data_Protection_Code_v1.3.pdf>.
 More information on the Framework and principles is available at: