Governments across the region and around the globe are coming to grips with the potential of the digital economy – and they are racing to introduce laws and regulations that control the flow of data and aim to protect it.
As technological developments unleash new potential every day, the digital economy is constantly enriched with new possibilities for businesses of all sizes. Yet, harnessing its potential is no small feat, especially in the rapidly rising Asian-Pacific market. Governments across the region and around the globe are coming to grips with the potential of the digital economy – and they are racing to introduce laws and regulations that control the flow of data and aim to protect it. But, what is the impact of those policies on the travel and hospitality industry?
Data Security Top Priority for Regulations
Data has been celebrated as the currency of our age – and in a digital economy, data is undeniably a key asset for most industries. In this new landscape, data security, which aims to protect information from hacker attacks including ransomware and to streamline compliance with regulatory requirements, emerges as paramount. Data security covers information stored on databases, files, and the cloud, including big data, and is a crucial aspect that regulations like HIPAA, GDPR and SOX take into account. GDPR, the new EU legislation on privacy and the protection of personal data, comes with an increased focus on implementing data security safeguards by default and embedding them into the design of relevant processes and policies. This means enhanced obligations for entities that collect, exchange and process data – and the travel industry is particularly affected by such requirements.
How International Data Security Laws Affect Local Travel Industry
According to the EU, GDPR does not only apply to European companies, but to any business worldwide that offers services to EU residents. This means that Asian companies that have dealings with EU customers are bound by the new rules. This is especially pertinent for the travel industry, as Southeast Asian countries like Malaysia and Thailand are a top destination for tourists from across the globe – Europe included. In 2017 alone, Asia-Pacific saw 324 million international tourists arrive to explore the area, a 6% rise since the previous year. The trend is estimated to continue in 2018, with arrivals rising again, somewhere between 5% and 6%. Several startups in the region are eager to tap into that potential, like Travelog, which aims to offer a comprehensive itinerary platform for Malaysia and beyond, or Indonesia-focused Trip Dixi that brings travelers in contact with travel vendors on the ground.
Regional Laws Promote Data Security
Several laws in the area are aiming to regulate the landscape with a focus on cybersecurity – from Indonesian Government Regulation 82 to Vietnam’s Cybersecurity Law, to Malaysia’s Personal Data Protection Act 2010. Southeast Asia boasts a digital economy potential of roughly $200 billion, while 95% of the companies active in the region are local, small and medium-sized companies. They often turn to new technologies like cloud storage, online marketplace platforms, and digital services for serving their clients, which means a lot of data processing. The travel industry in particular gathers and processes a large volume of various data by definition, ranging from identity details like name, address and travel documents, to contact information like email accounts and mobile telephone numbers, to more complicated data like travel patterns and payment details.
Data security laws across the region, as well as international ones like GDPR, aim to ensure that necessary cybersecurity safeguards are in place that guarantee a consistent level of protection across the travel industry beyond national borders. This should put international travelers at ease when trusting Asia-Pacific travel operators with their personal data.