Module Overview 1
Module Objectives 2
Learning Outcomes 2
Target Audience 2
ABBREVIATIONS AND ACRONYMS 5

1. Introduction to Data Privacy and Protection: History, Theory, Concepts, and
Evolution 6
 1.1 Data Privacy and Protection Regulation: Historical Roots 6
 1.2 International Privacy Frameworks and Principles 12
 1.3 Data Privacy and Protection Concepts 27
 1.4 Summary 37
 1.5 Chapter Exercise 37
 1.6 Suggested References, Readings, and Online Resources 39

2. SEA Data Protection Regulation: Dissecting Domestic and International Policy
Frameworks and their Commonalities 40
 2.1 General Privacy Principles 40
 2.2 Data Subjects’ Rights and Their Enforcement 48
 2.3 Lawfulness of Processing Personal Data 55
 2.4 Comparative Analysis of Southeast Asian (SEA) Data Protection Regulations 61
 2.5 Summary 81
 2.6 Chapter Exercise 83
 2.7 Suggested References, Readings, and Online Resources 83

3. Strengthening the Regulator: Cross-border and Domestic Enforcement 85
 3.1 Understanding Material and Territorial Scope in Data Protection Regulation 85
 3.2 Powers and Functions of an Effective Data Protection Authority 92
 3.3 Effective Mechanisms for Promoting and Protecting Cross-Border Data Transfers 107
 3.4 Establishing Statutory Liabilities 117
 3.5 Summary 124
 3.6 Chapter Exercise: Check your Progress 125
 3.7 Suggested References, Readings and Online Resources 126

4. Embracing Data Privacy and Protection: Best Practices, Challenges and
Opportunities 127
 4.1 Privacy by Design or by Default 127
 4.2 Privacy Impact Assessment 130
 4.3 Data Protection Officers: Functions and Responsibilities 133
 4.4 Consent Fatigue and Exponential Growth of Data 138
 4.5 Summary 140
 4.6 Chapter Exercise: Check Your Progress 140
 4.7 Suggested References, Readings and Online Resources 141