Kolvin Stone Discusses How the GDPR Will Present Challenges for Asian Companies

Asia Business Law Journal | November.08.2017

Orrick partner Kolvin Stone recently spoke with Asia Business Law Journal regarding the EU’s new General Data Protection Regulation, set to take effect in May 2018, and the challenges it will present for Asian companies doing business in Europe.

“Asian companies with operations in Europe should already be complying with existing privacy laws,” said Kolvin, adding, “Of particular relevance to Asian companies will be the restrictions on transferring data outside of the EU, which will require careful consideration of an appropriate lawful transfer method.”

According to Kolvin, the main difference between GDPR and existing privacy laws is the level of enforcement powers that regulators now have. “The reality is that the level of compliance is not that high,” he said. “The increased sanctions under GDPR, including fines of up to €20 million (US$23.5 million) and 4% of annual global turnover means non-compliance is not an option. Asian companies with operations in Europe need to pay closer attention to privacy compliance than may have been previously the case, as their operations will be subject to the GDPR.”

You can read the full article in Asia Business Law Journal and watch a short video featuring Kolvin here.