Executive Programme 2025
An Overview of Data Privacy Laws in South-East Asia
Speaker’s Profile
Lucas Nicolet-Serra
Counsel at K&L Gates
Lucas Nicolet-Serra is counsel at K&L Gates Straits Law LLC, the Singapore office of global law firm K&L Gates.
Lucas focuses his practice on commercial, regulatory, and contractual work. His core practice includes advising on complex technology arrangements, data privacy strategies, cybersecurity, post-M&A integration strategies, and sector-specific regulations in the life sciences, telecommunication and fintech sectors. His expertise revolves around the legal, regulatory, and policy impacts on the emergence of fintech and health-tech companies.
This course covers data protection laws and regulations that professionals should consider when doing business in South East Asia.
Data protection regulations are rapidly evolving, impacting all businesses globally, and more specifically in Southeast Asia, as many Southeast Asian jurisdictions have enacted new data privacy laws and regulations over the last two years. As a result, companies have not been able to adopt a harmonized approach to data protection compliance due to jurisdictional variations, making compliance costly and time-consuming.
During this training session, Lucas Nicolet-Serra will provide a high level overview of the data protection regimes in Singapore, Thailand, Indonesia, Vietnam, and Malaysia, highlighting recent developments and discussing where the laws align and diverge.
We will discuss the compliance challenges many companies face when operating across these jurisdictions as well as enforcement trends. We will also discuss the vital role of Data Protection Officers and the growing concerns over data localization and cross-border data transfers.
We will use case studies to illustrate the points discussed.
Dates:
Wednesday 18th June 2025 and Thursday 19th June 2025 – 3.00 pm to 6.00 pm
Duration:
Total 6 hours
Programme Overview
DAY 1 Wednesday 18th June 2025
(1.5 hours)
Introduction to data protection regulations
(1.5 hours)
Data Protection Principles in South-East Asia:
Singapore, Thailand, Indonesia, Vietnam,
Malaysia
DAY 2 Thursday 19th June 2025
(1.5 hours)
Data Protection Officer (DPO) and its role
(1.5 hours)
Data transfers and data localisation
Fees:
- EUR 400 or SGD 580 full programme
- EUR 200 or SGD 290 per module
CPD Accreditation:
CPD points: 6 Public CPD Points
(TBC – 3 Public CPD Points each day)
Practice area: Data Protection & Privacy
Training category: General
Participants who wish to obtain CPD Points are reminded that they must comply strictly with the Attendance Policy set out in the CPD Guidelines. For participants attending the face-to-face activity, this includes signing in on arrival and signing out at the conclusion of the activity in the manner required by the organiser, and not being absent for more than 15 minutes on each day of the activity. For those participating via the webinar, this includes logging in at the start of the webinar and logging out at the conclusion of the webinar on each day of the activity in the manner required by the organiser, and not being away from any part of the webinar for more than 15 minutes on each day of the activity. Participants may obtain 3 Public CPD Points for each day of the event on which they comply strictly with the Attendance Policy. Participants who do not comply with the Attendance Policy on any particular day of the activity will not be able to obtain CPD Points for that day of the activity. Please refer to www.sileCPDcentre.sg for more information.
