UNDERSTANDING GDPR: ITS LEGAL IMPLICATIONS AND RELEVANCE TO SOUTH ASIAN PRIVACY REGIMES

Emerging as a buzzword, the General Data Protection Regulation (GDPR) has had immense implications on global data protection regimes. The GDPR appears as a worldwide standard for protecting personal data based on the omnibus legal substance, extensive extraterritorial scope, and influential market of the European Union (EU). It resulted in a global wave where countries are either adopting new legislation or modifying existing data privacy laws to comply with the GDPR. Historically, the South Asian region, abode to one-fifth of the world’s people, has strong trade and economic ties with Europe. As reflected in current bilateral or multilateral trade agreements, the EU tends to be one of the largest trading partners of most South Asian countries. Therefore, it is understandable that the EU’s norms, laws, policies, particularly the GDPR, would have far-reaching impacts on South Asian countries. However, the issue has not been yet evaluated in legal academic settings that require an analysis of GDPR’s overview and its impacts on South Asian privacy regimes. The findings of this doctrinal legal study, together with the sharing of a brief overview of the GDPR and South Asian privacy regimes, reiterate the influence of GDPR in this region. The findings of this research also have the prospects to enlighten the stakeholders in understanding the GDPR and its implications on global as well as South Asian privacy regimes. This article concludes with several suggestions and policy alternatives that policymakers can explore in South Asia and beyond in designing their potential personal data protection policy strategies.