Practices

Data Compliance
& Cybersecurity

Drew Network Asia’s (DNA) Data Compliance & Cybersecurity Practice includes firms at the forefront of the development of these fields in their respective countries. Many countries around the world, including several within ASEAN, have enacted data protection and cybersecurity laws to better protect individuals’ personal data and national information systems infrastructure. Our lawyers have advised on all aspects of such laws, including regulatory/enforcement, commercial and international/cross-border aspects.

We aim to be the leading legal practice in this field in the region. DNA’s constituent firms have lawyers with numerous years of experience in these and related fields as well as, in some cases, dedicated Data Protection & Cybersecurity practices.

Our firms’ work in these fields precedes the advent of national laws such as Malaysia’s Personal Data Protection Act 2010, Indonesia’s Electronic Information and Transactions Law, Singapore’s Personal Data Protection Act 2012 and Cybersecurity Act 2018, Thailand’s Personal Data Protection Act 2019, and Vietnam’s Personal Data Protection Decree 2023 as well as various other national laws relating to telecommunications, media, information technology and cybercrime which may also establish general or sectoral requirements relating to data protection and/or cybersecurity.

We act for a wide variety of clients in relation to data protection and cybersecurity compliance. These include many prominent and well-known multinational / foreign corporations, Internet companies, local companies across different industries and, in some cases, national data protection authorities. Our experience includes advising on or providing the following, amongst others:

Implementation of company / group-wide compliance programmes;
Localisation of global/regional data protection policies;
Establishment of the internal data protection function and required internal processes;
Contracts for data processing and cross-border data transfers, as well as data protection provisions for a variety of contracts;
Employment-related aspects of data protection including protection of foreign employees’ personal data;
Sectoral data protection and cybersecurity requirements;
Data breach management and notification;
Compliance and regulatory risk audits and impact assessments;
Data protection and cybersecurity compliance training;
Enforcement–related issues, regulatory appeals and offences relating to data protection, cybersecurity and related areas; and
Disputes and civil proceedings relating to data protection and/or cybersecurity issues.

Lim Chong Kin

Managing Director, Corporate & Finance / Head, Telecommunications, Media and Technology (TMT) / Co-Head, Data Protection, Privacy & Cybersecurity / Co-Head, Competition Law & Regulatory /

David N. Alfred

Director, Corporate & Finance / Co-Head, Data Protection, Privacy & Cybersecurity / Co-Head and Programme Director, Drew Data Protection & Cybersecurity Academy

Lia Alizia

Partner / Employment / Litigation and Dispute Resolution / Foreign Investment & General Corporate Practice / Competition Law / Franchise Law / Insolvency and Restructuring / Intellectual Property / Media, IT and Telecommunications / Mergers and Acquisition

Heru Mardijarto

Partner / Construction / Foreign Investment & General Corporate Practice / Infrastructure and Major Project / Media, IT and Telecommunications / Mergers and Acquisitions /

Timothy Siaw

Partner / Head, Technology, Media & Telco / Intellectual Property / Healthcare and Life Sciences

Raymond T.C. Low

Partner / Employment & Administrative Law / Personal Data Protection & Privacy Laws

Erika B. Paulino

Partner, Corporate and Commercial Group / Head, Data Compliance & Cyber Security / Co-Head, Projects & Energy / Co-Head, Restructuring & Insolvency

Kristine R. Bongcaron

Partner / Head, Intellectual Property / Co-Head, Commercial Arbitration and Alternative Dispute Resolution / Co-Head, Data Privacy and Security

Athistha (Nop) Chitranukroh

Partner and Director, Corporate & Commercial

Nopparat Lalitkomon

Partner, Corporate & Commercial

More Partners

Singapore

Malaysia

Indonesia

Reagan Roy Teguh

Accolades

Singapore | Drew & Napier

GDR 100
Listed as one of the world’s top 100 data law firms by Global Data Review for 3 consecutive years

Lim Chong Kin - Leading Individual

The practice “accurately identifies our needs without much prompting” and is able to “tailor a comprehensive scope of services which met our objectives, timeline and budget”. The client also praises the team’s extensive network, which is “able to connect us with reputable law firms in other countries to assist us on the personal data protection project, so while we communicated with Drew & Napier only, the team smoothly coordinated the project with foreign law firms”.
“Whether you have a fat or lean legal budget, Chong Kin remains consistent as a true partner and far-sighted adviser. His knowledge of data protection law is impressive but, best of all, he is able to advise about the regulator’s stance and the rationale behind the law. He is also incredibly responsive and gives matters his personal attention.”

Chambers Asia Pacific
TMT 2024 - Band 1 for 17 consecutive years

Lim Chong Kin - Leading Individual for 17 consecutive years

Asia Pacific Legal 500
Data Protection & Cybersecurity 2024 - Tier 2

David Alfred - Leading Individual

Lim Chong Kin - Recommended Lawyer

Anastasia Su-Anne Chen - Recommended Lawyer

Indonesia | Makarim & Taira S.

The Legal 500 Asia-Pacific
IT, Telecoms & Fintech 2023 – Highly recommended from 2018-2023

asialaw Profiles
Technology and Telecommunications 2023 - Highly recommended from 2019-2023

Malaysia | Shearn Delamore & Co.

Asialaw Profiles
Technology & Telecommunications 2020 – Highly recommended firm

Asia Pacific Legal 500
TMT 2020 - Tier 3

Thailand | Tilleke & Gibbins

Chambers Asia Pacific
Technology, Media, Telecoms (TMT) 2023 – Band 2 for 5 consecutive years

Athistha Chitranukroh – Band 2 for 2 consecutive years
Charuwan Charoonchitsathian – Band 2
Nopparat Lalitkomon – Associate to Watch

"Charuwan is extremely knowledgeable and responsive. She is a tremendous asset for our team."
"Nopparat is very responsive, knowledgeable and able to coordinate advice across multiple areas of local law, as well as multi-jurisdictional legal issues."

The Legal 500 Asia Pacific
TMT 2023 – Tier 1 for 10 consecutive years

Nopparat Lalitkomon – Rising Star

“They are competent and strong. Clients can approach them when needed and get the right answers.”

Asialaw Profiles
Technology and Telecoms 2024 – Outstanding for 9 consecutive years

Vietnam | Tilleke & Gibbins

Chambers Asia Pacific
Technology, Media, Telecoms (TMT) 2023 – Band 1 for 4 consecutive years

Waewpen Piemwichai – Spotlight

“Tilleke & Gibbins has a very good understanding of the regulatory regime in Vietnam. The firm gives very pragmatic and thorough advice and is easy to work with."

The Legal 500 Asia Pacific
Data Protection – Tier 1 for 3 consecutive years
TMT 2023 – Tier 1 for 5 consecutive years

Waewpen Piemwichai – Rising Star

“The practice is unique in the sense that it is able to connect between overseas clients’ needs and local legal requirements, offering clients a practical solution and navigating the client in the constant changing regulatory environment.”
“The team is efficient, flexible and business oriented. They are always able to offer practical solutions within a very short period of time, which is what clients want.”
“Waewpen Piemwichai is efficient, innovative and practical. She is always able to provide a helpful solution within short time periods.”

Financial Times Innovative Lawyers APAC
Most Innovative Lawyers in Cybersecurity and Data Governance 2023 – Nominee

Cambodia | Tilleke & Gibbins

Leading publications and rating agencies have yet to introduce rankings in respect of Data Compliance and Cybersecurity legal practice in Cambodia.

Tilleke & Gibbins is ranked in the following related practice areas.

Chambers Asia Pacific
General Business Law 2023 – Band 2 for 3 consecutive years

Jay Cohen – Band 2 for 2 consecutive years
David Mol – Associate to Watch

The Legal 500 Asia Pacific
General Business Law 2023 – Tier 2 for 6 consecutive years

Jay Cohen – Leading Individual for 3 consecutive years
David Mol – Next Generation Partner for 6 consecutive years

Asialaw Profiles
General Business Law 2024 – Highly Recommended for 7 consecutive years

Laos | Tilleke & Gibbins

Leading publications and rating agencies have yet to introduce rankings in respect of Data Compliance and Cybersecurity legal practice in Laos.

Tilleke & Gibbins is ranked in the following related practice areas.

Chambers Asia Pacific
General Business Law 2023 – Band 2 for 2 consecutive years

Dino Santaniello – Band 2 for 4 consecutive years

The Legal 500 Asia Pacific
General Business Law 2023 – Tier 1 for 6 consecutive years

Dino Santaniello – Leading Individual for 5 consecutive years

Asialaw Profiles
General Business Law 2024 – Recommended for 11 consecutive years

Myanmar | Tilleke & Gibbins

Leading publications and rating agencies have yet to introduce rankings in respect of Data Compliance and Cybersecurity legal practice in Myanmar.

Tilleke & Gibbins is ranked in the following related practice areas.

Chambers Asia Pacific
General Business Law 2023 – Band 4 for 4 consecutive years

The Legal 500 Asia Pacific
Corporate/M&A 2023 – Tier 2 for 8 consecutive years

Asialaw Profiles
General Business Law 2023 – Recommended for 4 consecutive years

Data Compliance
& Cybersecurity

Key Partners

Lim Chong Kin

David N. Alfred

Lia Alizia

Heru Mardijarto

Timothy Siaw

Raymond T.C. Low

Erika B. Paulino

Kristine R. Bongcaron

Athistha (Nop) Chitranukroh

Nopparat Lalitkomon

More Partners

Accolades

Singapore | Drew & Napier

Indonesia | Makarim & Taira S.

Malaysia | Shearn Delamore & Co.

Thailand | Tilleke & Gibbins

Vietnam | Tilleke & Gibbins

Cambodia | Tilleke & Gibbins

Laos | Tilleke & Gibbins

Myanmar | Tilleke & Gibbins

Related News