Cross-border Data Transfers in APAC Discussed at 2025 PDP Week: Exploring Generative AI and Digital Trust
During Personal Data Protection (PDP) Week 2025 in Singapore, the consensus was that the Asia-Pacific (APAC) region is actively shaping a responsible AI governance ecosystem. This environment supports both regulatory clarity and the sustainable adoption of AI technologies across the region.
Active Development of AI Governance Frameworks
Policymakers in APAC are neither unguided nor unregulated. They are working on both soft and hard regulations for AI, clarifying how existing data protection laws apply to AI usage, especially in areas like consent, data subject rights, and breach management. Notable examples include Japan, South Korea, and Hong Kong providing guidance on these issues.
Singapore’s Approach to AI Governance
Singapore’s approach to AI governance is structured around three pillars: creating practical tools, engaging internationally, and collaborating closely with industry. Notable examples include the AI Verify toolkit and Project Moonshot for testing traditional AI and large language models.
Cross-border Collaboration and Tool Development
The Philippines’ National Privacy Commission (NPC) signed a Memorandum of Agreement with Singapore-based Straits Interactive to enhance data privacy and generative AI initiatives. This partnership supports regulatory framework evolution alongside digital transformation goals.
Regional and International Coordination
The broader APAC region is embracing frameworks to harmonize AI governance such as the ASEAN Guide on AI Governance and Ethics and Singapore’s leadership in the ASEAN AI Working Group. These initiatives set expectations for enterprises on oversight, risk assessment, and operational management of AI systems.
High-level Political Support and Cooperation
The first-ever APEC Digital and AI Ministerial Meeting (Incheon, 2025) highlighted the urgency of trusted, human-centered AI that benefits all APAC economies. Ministers emphasized collaborative policymaking to harness emerging digital technologies for public good and ensure AI systems are safe and broadly beneficial across borders.
Key Discussions during PDP Week 2025
During PDP Week 2025, several panel discussions and workshops were held. These included FPF moderating a panel session on key aspects of AI governance, featuring industry experts and regulators. The panel observed that the landscape for cross-border data transfers across APAC remains fragmented and restrictive but expressed cautious optimism that transfer restrictions could be managed effectively.
Another panel titled "Navigating the Impact of Australia's Privacy Act Amendments in the Asia-Pacific" was moderated by FPF's APAC Deputy Director Dominic Paulger on July 10, 2025. The panel discussed the enactment of the Privacy and Other Legislation Amendment Bill 2024 following a multiyear review of Australia's Privacy Act.
The workshop titled "AI, AI, Captain!: Steering your organisation in the waters of Gen AI" was co-hosted by FPF and the Infocomm Media Development Authority (IMDA) on July 7, 2025. The workshop featured presentations from FPF and IMDA, followed by a multi-stakeholder, practice-focused panel discussion.
FPF also facilitated deep conversations at PDPC's PETs Summit, including on the use of PETs in cross-border data transfers and within SMEs.
Challenges and Solutions
Arianne suggested that businesses communicate to regulators the challenges they face with restrictive data transfer frameworks. Zee Kin highlighted how the increasing integration of economies through supranational organizations like ASEAN is driving a push in APAC towards recognizing more business-friendly data transfer mechanisms.
Looking Forward
The FPF APAC office participated in Personal Data Protection Week 2025 from July 7 to 10, 2025. The week included a two-day industry conference organized by the International Association of Privacy Professionals (IAPP). FPF also co-hosted an India Roundtable Luncheon with Khaitan & Co on July 10, 2025, focusing on pressing challenges in India, such as the development of implementing rules for the Digital Personal Data Protection Act, 2023.
In summary, during PDP Week 2025, the consensus is that APAC is actively shaping a responsible AI governance ecosystem that balances innovation, digital trust, and cross-border data protection through multi-stakeholder collaboration, practical tools, and alignment with international standards. This environment supports both regulatory clarity and the sustainable adoption of AI technologies across the region.
- Policymakers in APAC are developing both soft and hard regulations for AI, focusing on clarifying how existing data protection laws apply to AI usage, especially in areas like consent, data subject rights, and breach management.
- Singapore's approach to AI governance emphasizes creating practical tools, engaging internationally, and collaborating closely with industry, as demonstrated through initiatives like the AI Verify toolkit and Project Moonshot.
- The Philippines' National Privacy Commission has partnered with Singapore-based Straits Interactive to enhance data privacy and generative AI initiatives, supporting regulatory framework evolution alongside digital transformation goals.
- The ASEAN Guide on AI Governance and Ethics and Singapore's leadership in the ASEAN AI Working Group are examples of initiatives aimed at harmonizing AI governance across the APAC region.
- At the first-ever APEC Digital and AI Ministerial Meeting in Incheon, ministers emphasized the need for trusted, human-centered AI that benefits all APAC economies, and called for collaborative policymaking to harness emerging digital technologies for public good.
- During PDP Week 2025, panel discussions and workshops were held, addressing topics like AI governance, data transfers, the impact of Australia's Privacy Act Amendments, and navigation of the waters of Gen AI.
- Arianne suggested that businesses should communicate to regulators the challenges faced with restrictive data transfer frameworks, while Zee Kin pointed out the integration of economies through organizations like ASEAN is driving a push towards recognizing more business-friendly data transfer mechanisms in APAC.
- FPF APAC participated in PDP Week 2025, organizing a two-day industry conference with the International Association of Privacy Professionals (IAPP), and co-hosting an India Roundtable Luncheon focusing on challenging issues in India, such as the development of implementing rules for the Digital Personal Data Protection Act, 2023.
- The active development of AI governance frameworks in APAC, coordinated by regional and international efforts, supports regulatory clarity and sustainable adoption of AI technologies across the region, fostering a responsible ecosystem that balances innovation, digital trust, and cross-border data protection.
- The APAC region's approach to AI governance, as demonstrated during PDP Week 2025, prioritizes multi-stakeholder collaboration, practical tools, and alignment with international standards to foster an environment that promotes both innovation and trust in AI technologies.
- The PDP Week 2025 consensus further emphasizes the importance of ensuring transparency, privacy, and security in AI systems and data sharing, as these are crucial aspects of building a responsible and trustworthy AI ecosystem in the APAC region.
- The active shaping of a responsible AI governance ecosystem in APAC has significant implications for various sectors, including education-and-self-development, politics, general-news, crime-and-justice, finance, personal-finance, business, data-and-cloud-computing, research, technology, and policymaking at the global level.
