Counsel Jonathan Kao contributed an article titled "Data Protection as part of an Environmental, Social and Governance Framework" in the Personal Data Protection Digest 2022. The PDP Digest is published by the Personal Data Protection Commission ("PDPC") of Singapore.
The importance of data protection is no longer in doubt with legislation being enacted and revised in all major jurisdictions and ongoing efforts to harmonise obligations across jurisdictions. The collection, processing, storage and sharing of data, personal or otherwise, has been growing exponentially as more services and experiences move online, a trend exacerbated by the COVID-19 pandemic and the push for more “smart” initiatives and proliferation of Internet of Things (“IoT”) technologies.
So where does data protection or privacy fit into the picture? And is there a more worthy purpose for data protection or privacy to be included within the ESG framework than mere glorification of the organisation?
This article seeks to first explore how ESG and personal data protection obligations can intersect. It then explores how data protection or privacy as a standalone component can and should be an integral part within any ESG framework. This article is premised on when ESG is indeed reported, to consider inclusion of data protection or privacy items.
*The views expressed in this article are the authors’ personal views.