Huawei shares privacy protection governance framework and practices

Source: Huawei. From left: Naftalski, Wang, Li, Dr Lin.

The way international companies establish and implement an efficient privacy protection compliance governance framework was the focus of attention at the IAPP Asia Privacy Forum 2019.

In a discussion entitled titled When the GDPR Meets Chinese Data Protection Compliance: Privacy Protection Governance Framework and Practices, Kevin Wang, Privacy Protection Lead, Huawei Global Cyber Security & Privacy (GSP) Office; Fabrice Naftalski, Global Head of Data Protection, EY; Dr Zhong Lin, Partner, EY Chen & Company; and Shawn Li, DPO, L'Oréal China talked about compliance strategies and solutions for personal data protection in different judicial systems.

According to Wang, Huawei has developed a set of globally applicable personal data protection principles based on the GDPR and Generally Accepted Privacy Principles (GAPP) in the privacy protection field and has localised these principles. In addition, Huawei ensures that privacy protection activities can be effectively implemented and supervised through the top-down organisational governance structure.

He added that Huawei's privacy protection practices cover the management and operation mechanism of personal data throughout its lifecycle. These practices integrate the privacy by design and privacy by default concepts into business processes and ensure transparency in the collection and use of personal data in business activities.

Huawei also responds actively to privacy law changes, consumer expectations, and customer requirements. This means that Huawei's privacy protection organisation interprets and breaks down privacy protection requirements into business control requirements, and then implements and optimises these requirements for existing business processes.

The event was hosted by International Association of Privacy Professionals (IAPP) in Singapore on July 15-16, 2019. In attendance were officials from data protection regulators in countries and regions such as Singapore, the Philippines, India, Japan, and Hong Kong, as well as privacy protection opinion leaders, experts, and scholars from around the world.