September 2020

Vodafone wins against India’s tax department in US$2 billion tax dispute case

The Permanent Court of Arbitration in Hague has ruled in favour of the Vodafone Group against the income tax department of India in a long pending arbitration case of US$2 billion tax dispute on a retrospective basis. In the ruling, the international court mentioned that the imposition of a tax liability along with interest and penalties by the Indian tax department was in breach of ‘guarantee of fair and equitable treatment’ of the terms laid out in the bilateral investment treaty (BIT) agreement between the Netherlands and India.

TikTok appoints Safety Advisory Council for Asia Pacific

TikTok has appointed a seven member 'Safety Advisory Council' in the Asia-Pacific that comprises academics, advocates, and activists who will advise the platform on issues related to online safety, child safety, digital literacy, mental health, and human rights. The advisory council is expected to convene quarterly to discuss issues and submit formal recommendations to TikTok.

Indian Telecom Regulator releases recommendations on traffic management practices and creation of net neutrality multistakeholder body

The Telecom Regulatory Authority of India (TRAI) has released recommendations on traffic management practices (TMPs) and a creation of a multistakeholder body for net neutrality. Some of the recommendations include: the creation of a repository of TMPs that Internet service providers (ISPs) may adopt; creation of a policy for ISPs to inform affected users on the impact of applied TMPs; establish a multistakeholder body that would advise and support the Department of Telecom (DOT) in monitoring and enforcement of net neutrality principles, including creating a repository of TMPs and investigate complaints related to the violations of net neutrality.


India’s regulatory authority releases recommendation on OTT framework

The Telecom Regulatory Authority of India (TRAI) has released recommendations for a regulatory framework for  over-the-top (OTT) communications services in India. TRAI has recommended that the market forces should be allowed to respond to user demands without any regulatory intervention from the state. However, developments might be monitored and intervention shall occur as necessary in an appropriate time. Furthermore, no regulatory interventions are currently necessary in respect of the privacy and security issues of OTT services. Finally, TRAI has advised that it is not an opportune moment to implement a comprehensive regulatory framework for OTT services.


Australian Information Commissioner rejects Facebook’s appeal to ruling in Cambridge Analytica case

The Australian Federal Court has rejected Facebook Inc.’s application to set aside the court’s earlier ruling granting the Australian Information Commissioner (OAIC) leave to serve legal documents to the US based social media giant in a Cambridge Analytica investigation. In the ruling, Justice Thawley was satisfied that the OAIC had established a prima facie case that Facebook was conducting business, and collecting and holding personal information in Australia at the relevant time. According to the Guardian, the OAIC stated that 311 127 Australian citizens’ data was exposed by Cambridge Analytica.


A4AI and UNESCAP partner to advance affordable Internet access in Asia and the Pacific

The UN Economic and Social Commission for Asia and the Pacific (UNESCAP) and the Alliance for Affordable Internet (A4AI) announced a new partnership to promote affordable Internet access and meaningful connectivity in the Asia and Pacific region through policy and regulatory reform. The partnership will work mainly towards developing training curriculums, delivering capacity building, and sharing workshops for policymakers from the region, as well as conducting a joint study on assessing effective policy options for meaningful broadband connectivity in Asia and the Pacific. Through this collaboration, the two entities will further support the harmonisation of the regional policy processes to ensure that both parties are working together to achieve the sustainable development goals (SDGs).


New Zealand Stock Exchange hit by DDoS attack

New Zealand’s Stock Exchange Market (NZX) faced a distributed denial of service (DDoS) attack for four days, forcing the government to activate the country’s National Security System. The cyber-attacks disrupted cash and debt markets and the Fonterra shareholders market, including its derivatives. The Fonterra Co-operative Group is the world’s largest milk exporter.

Though the New Zealand government has not been able to pinpoint the source of the attack, government agencies have stated that the cyber-attack originated from ‘offshore sources’.


Australian Cyber Security Centre publishes manufacturer IoT guide

The Australian Cyber Security Centre issued an Internet of things (IoT) guide for manufacturers titled Code of Practice: Securing the Internet of Things for Consumers. The guide aims to help manufacturers offer secure IoT devices for consumers. It includes 13 principles and provides examples of how to implement them. The principles address: creating strong passwords; vulnerability disclosure policies; software security updates; storing credentials; protecting personal data; minimising exposed attack surfaces; ensuring communication security and software integrity; making systems resilient to outages; monitoring system telemetry data; enabling consumers to delete personal data; installing and maintaining devices; and validating input data. 

China launches new app to combat online misinformation

The Cyberspace Administration of China and state news agency Xinhua has launched a new app to combat online misinformation. Called the United Rumour Debunking Platform, the platform is a part of a broader campaign to address the online misinformation in China. This app and other programmes that will run within some major Chinese apps like WeChat and Baidu, will enable users to quickly fact-check online rumours. It will also allow the users to report online misinformation.


New Chinese export rules complicate TikTok sale

China has updated its export control regulations to include several sensitive technologies. One of the technologies added which needs an export control license sounded like TikTok’s personalised recommendation engine, the New York Times reported. The new regulation will mean that Chinese ByteDance would need a license to sell its TikTok technology to a US company.


August 2020

TRAI issues consultation paper on the Roadmap to Promote Broadband Connectivity and Enhanced Broadband Speed

The Telecom Regulatory Authority of India (TRAI) has released a consultation paper on the Roadmap to Promote Broadband Connectivity and Enhanced Broadband Speed. TRAI is seeking inputs from stakeholders on: defining fixed and mobile broadband; innovative approaches for infrastructure creation; promoting broadband connectivity; and the measures to be taken for enhancing broadband speed. The deadline for submitting written comments on the paper is 21 September, and 5 October 2020 for counter-comments.

Taiwan alleges Chinese are behind cyber-attacks on government agencies

Taiwan has alleged that since 2018, hacking groups linked to the Chinese government have attacked at least 10 government agencies and some 6000 e-mail accounts of government officials to steal important data. Officials report that at least four Taiwanese tech companies providing information services to the government were attacked by the hacking groups. The people of Taiwan have been warned to be on alert for such cyber-attacks and ‘omnipresent infiltration’ from China.

Liu Chia-zung, deputy director of the Taiwan Investigation Bureau’s Cyber Security Investigation Office said that, ‘Chinese hacking groups have been infiltrating government agencies and their information service providers for a long time’.

Australia announces copyright law reform

After two years of industry consultations, the Australian government has announced a reform of its copyright regulations to provide a more flexible framework for content access in the digital environment. The copyright law reform includes five main areas: introducing a limited liability scheme for use of orphan works; a new fair dealing exception for non-commercial quotation; amendments to library and archives exceptions; amendments to education exceptions; and streamlining the government's statutory licensing scheme. The current regulations were deemed too restrictive and harmful to the consumer.

Chinese banks hit with heavy fines over data protection breaches

According to the International Association of Privacy Professionals (IAPP), the Shanghai Supervision Bureau of China Banking and Insurance Regulatory Commission fined two Chinese banks 1 million CYN (approximately 120 000 euro) for failing to properly protect their consumers' personal data. The China Merchants Bank was fined after an investigation that uncovered a five-year lapse in data security. The Bank of Communications was fined for a similar lack of security, related to credit card information collection.

Latest data on online gender-based violence in the Philippines

The Foundation for Media Alternatives (FMA) has published the latest data on online gender-based violence (OGBV) in the Philippines, based on the Take Back the Tech mapping tool. Between 1 January and 23 June 2020, the platform recorded 64 OGBV reports. This shows a 30% increase of OGBV since 2019.

Among the top technology-related abuses are the unauthorised use of photo and video material, violent threats and blackmail, and abusive comments, followed by deletion and manipulation of personal data, monitoring and tracking, repeated harassment, sharing and/or dissemination of private information, and unauthorised access of private data.

Mobile phones are predominantly used for OGBV, followed by Facebook, Messenger, and Telegram. Most women who experience online violence are between 18-30 years old. Four out of every ten are under the age of 18. Perpetrators are mostly strangers. Data shows that during online protests, many fake accounts were made from which the threatening messages were sent. Rape threats were sent to women activists. 

Undersea cable inaugurated between Chennai and Andaman and Nicobar Islands

The Indian Prime Minister inaugurated a 2313 km undersea submarine optical fibre cable (OFC) that was laid down between Chennai and Port Blair, and is expected to cover seven of the Andaman and Nicobar Islands. This submarine cable is expected to provide better and cheaper connectivity, as well as boosting tele-education, tele-health, tourism, and banking services on the islands.

Two persons arrested in Hyderabad for viewing CSAM online

The cybercrime police unit in Hyderabad, India, have arrested two people for allegedly watching child sexual abuse material (CSAM) online, which was identified by the Online Child Sexual Abuse and Exploitation (OCSAE) Prevention and Investigation Unit of the Central Bureau of Investigation (CBI). According to information, the two accused have been arrested, and their mobile phones have been seized.

Huawei launches ICT Certification Program in Asia-Pacific

During the Huawei Asia Pacific ICT Talent Forum 2020, the Huawei Asia Pacific ICT Certification Program was launched for students and information and communications technology (ICT) practitioners who have joined or plan to join the Huawei Asia Pacific ICT Academy. The programme, which runs between 4 August and 30 November 2020, will award on a ‘first come, first served basis to participants who pass the exams in the shortest time.

'We aim to globally develop 2 million ICT professionals over the next five years to match the high demand for skilled workers’, noted Huawei Asia-Pacific, Chief Digital Officer and Executive Consultant, Michael Macdonald. Moreover, he said that they planned to build more than 200 Huawei ICT Academies and train 10 000 ICT professionals in the Asia Pacific region, in 2020.

Singapore and Australia sign Digital Economy Agreement

The Ministry for Trade and Industry, Singapore, and the Ministry for Trade, Tourism and Investment, Australia have signed the Singapore-Australia Digital Economy Agreement (SADEA) for facilitating the digitalisation of trade processes and easing cross-border business activities between Singapore and Australia during the COVID-19 pandemic. SADEA is expected to facilitate trusted cross-border data flows without the requirement of data localisation, while protecting consumers’ privacy and businesses’ proprietary information.

Australia releases Cybersecurity Strategy 2020

The Australian Government has released their Cybersecurity Strategy 2020 with a vision of securing the online world for their citizens, businesses, and essential services amidst growing cybersecurity threats, both from state and not state actors. Built on the 2016 Cyberecurity Strategy, the government plans to invest AU$1.67 billion over 10 years to achieve this vision.

Some of the highlights of the strategy include: protecting the critical infrastructure, including cybersecurity obligations for owners and operators; new ways to investigate and shut-down cybercrime, even on the dark web; strengthening government networks and data and enhancing incident response procedures; greater collaboration to build cyber-skills; increased situational awareness and improved sharing of threat information; strengthening partnerships with industry through the Joint Cyber Security Centre Programme; advising small and medium-sized enterprises (SMEs) to increase their cyber resilience; providing clear guidance for businesses and consumers on securing Internet of Things devices; and initiating a 24/7 cybersecurity advice hotline for SMEs and families, and improved community awareness of cybersecurity threats.

New Zealand investigates COVID-19 patient privacy breach

New Zealand’s Privacy Commissioner John Edwards announced that his office is undertaking an inquiry into the distribution of COVID-19 patient information by the Ministry of Health. The decision was made in response to the publication of Queen’s Counsel (QC) Michael Heron’s report into the patient privacy breach. The report looked into the report by the NZ Herald that it had received confidential patient information of 18 confirmed cases of COVID-19 on a spreadsheet that contains their names, dates of birth, age, and quarantine location. The information was leaked to the press by Hamish Walker, Member of Parliament for Clutha-Southland, with an intention to expose the government’s shortcomings in regards to privacy and data protection. The privacy commissioner will inquire what further action, if any, under the Privacy Act was appropriate.

UN ESCAP launches call for research proposals on evidence-based financial solutions for women entrepreneurs in Asia-Pacific

The UN Economic and Social Commission for Asia and the Pacific (ESCAP) has launched a call for research proposals, and will provide up to US$25 000 in funding for a maximum of 6 proposals. The research should explore the nuanced challenges faced by women entrepreneurs in accessing financing at different stages of their enterprise journey, and offer solutions to those challenges.

The objective of this applied research is to identify innovative financial solutions that can be developed or tailored to best address the needs and demands of women entrepreneurs in Bangladesh, Cambodia, Fiji, Nepal, Samoa, and/or Vietnam. The research findings, which will be made publicly available, will be used to inform the design of private sector solutions that enhance different groups of women entrepreneurs’ access and use of financial services, as well as inspire replication of proposed solutions on the market. Applications are open until 31 August 2020.

Chinese company sues Apple over alleged voice recognition patent infringement

Chinese artificial intelligence (AI) company Shanghai Zhizhen Intelligent Network Technology (also known as Xiao-i) has filed a lawsuit against Apple over an alleged infringement of a voice recognition patent. The company is claiming 10 billion yuan (US$1.43 billion) from Apple, arguing that the technology behind Apple's smart assistant Siri is infringing on a patent that the company was granted in 2009. Xiao-i wants Apple to stop manufacturing, using, promising to sell, selling, and importing Siri. In reaction, Apple has indicated that Siri does not contain features included in the mentioned patent. The dispute between the two companies is not new: Xiao-i filed an initial complaint in 2012 and was followed by a request by Apple to invalidate its patent.


July 2020


The government of New Zealand is upgrading the Digital Child Exploitation Filtering System for blocking websites that host child sexual abuse images.

Set-up in 2010 by the Department of Internal Affairs (DIA), the system is voluntary for Internet service providers (ISP), and most of the ISPs use it to block access to illegal websites.

In May this year, the government announced the replacement of the current software and the Internal Affairs Minister Tracey Martin introduced a bill updating the Films, Videos, and Publications Classification Act 1993. The updated bill allows the DIA to bring the child exploitation filter into law, and extend it to filtering content deemed objectionable by the Chief Censor’s office.

ACMA issues a paper about IoT regulatory policy in Australia

The Australian Communications and Media Authority (ACMA) published a paper titled Internet of Things in media and communications. The paper deals with the impacts of the Internet of Things (IoT) across the media and communications environment. It analyses existing IoT applications and devices (for consumers and the industry), market usage trends, and regulatory implications. The paper examines four relevant regulatory areas and explains ACMA’s policy in each of these areas: network infrastructure, spectrum management, equipment standards, and consumer safeguards.

Looking ahead, in the short term, ACMA plans to monitor spectrum demand drivers, to allocate activities according to the spectrum programme, to update licensing arrangements to support IoT, to collect data on IoT use and consumer awareness, and to comply with international standards bodies. In the long term, ACMA plans to monitor standards developments, to review Australian IoT regulatory settings, to conduct IoT usage trends research, and to work more closely with other stakeholders such as industry, consumer groups, regulators, and equipment vendors.

New consumer protection law comes into force in India

The Consumer Protection Act 2019 came into force in India on 20 July 2020. Among others, the act will protect the rights of consumers from goods and services which are hazardous to life and property; keep consumers informed of the quality, quantity, potency, purity, standard, and price of goods or services; assure access to a variety of goods or services at competitive prices; and make sure that consumers are able to seek redressal in the case of unfair or restrictive trade practices.

The act proposes to set-up a Central Consumer Protection Authority (CCPA) regulating matters on consumer rights violations, unfair trade practices, and misleading advertisements.

India: Non-Personal Data Governance Framework open for public consultation

The Committee of Experts deliberating on the Non-Personal Data Governance Framework has released a report for public consultation. Apart from elucidating on the trends and imbalances in the present data economy, the report makes a case for regulating non-personal data for economic, social, and public purposes. The report defines: non-personal data and its categories; the key roles of data principals, data custodians, and data trustees; the concept of data business; ownership of data, requirements for registration, data disclosure, and data sharing; and setting-up of a Non-Personal Data Regulatory Authority.

However, critics opine that mandatory data sharing by businesses, the power of the government over data, data monetisation, the role of the new regulator, and the potential overlap of the role with other regulators etc., are some of the issues that need further discussion.

APNIC provides an overview of unused IPv4 address space

The Asia Pacific Network Information Centre (APNIC) conducted an analysis of the pool of allocated but unadvertised Internet Protocol version 4 (IPv4) address space. The analysis revealed that there were 350 000 unadvertised IPv4 addresses delegated less than five years ago; around 50 million unadvertised IPv4 addresses delegated over five years ago; and around 3.4 million unadvertised and returned historical IPv4 addresses. A few of the potential actions imagined by APNIC include returning them to the original pool, transferring them, or having them managed under the APNIC account.

June 2020

Competition Commission of India approves Facebook Jio deal

The Competition Commission of India (CCI) has approved Facebook’s purchase of a 9.9% stake in Jio Platforms for Rs 43 574 crore (*a crore denotes ten million). This deal is expected to strengthen Facebook’s presence in India and reduce the debt of Reliance Industries Ltd (RIL).

IoT Alliance Australia and the Industrial Internet Consortium publish white paper on IoT and the SDGs

Internet of Things (IoT) Alliance Australia and the Industrial Internet Consortium have published a white paper entitled, ‘How Digital Transformation and IoT Can Contribute to the UN Sustainable Development Goals (SDGs)’. The paper argues that the UN’s SDGs should be factored into IoT projects and other digital transformation initiatives (business-related changes that are triggered by digital technologies).

The paper outlines five pillars necessary for the successful digital transformation of an organisation: architecture and standards; security and privacy; shared value creation; organisational development; and ecosystem governance. These pillars are therefore essential for achieving the UN’s SDGs. The paper also provides examples of how the SDGs were unintentionally achieved by organisations that utilised digital technologies. For example, using health data in mining operations can help preserve the well-being of miners (SDG 3 – Good health and well-being); using sensor data and AI to minimise fuel consumption (SDG 13 – Climate action); and using smart farming to solve decreasing workforce (SDA 9 – Industry, Innovation, and Infrastructure).

New Zealand privacy commissioner announces key changes in the Privacy Bill

The Office of the Privacy Commissioner of New Zealand (OPCNZ) has announced, new amendments to the Privacy Bill. The new changes include: Notifiable privacy breaches; Compliance notices; Enforceable access directions; Disclosing information overseas; Extraterritorial effect; New criminal offences; and, Further changes. The updated Act will allow the Human Rights Review Tribunal to award up to AU$350 000 to each member of a class action.

The Privacy Bill has been passed by the Committee of the Whole House stage in Parliament on 3 June and will now undergo a third reading in Parliament before becoming the Privacy Act 2020, expected to come into effect on 1 December 2020.

China rejects EU accusations over COVID-19 fake news

In a report entitled, ‘Getting the Facts Right’, Brussels accused China and Russia of engaging in targeted disinformation campaigns around COVID-19. Last week, Hua Chunying, spokesperson for the Chinese Foreign Ministry rejected the accusations by saying that China is a victim of disinformation campaigns, not a fabricator. In turn, Vera Jourova, vice-president of the European Commission in charge of values and transparency, claimed, ‘We are clearly mentioning Russia and China and we have sufficient evidence to make such a declaration. It's very evidence-based.’

Thai government approves draft bill on digital tax

Thailand has approved a draft legislation that would impose 7% Value Added Tax (VAT) on foreign digital companies. All non-resident digital companies or platforms that earn more than 1.8 million Baht (US$57 434.59) per year on digital services in the country will have to pay a 7% VAT on sales. To become enforceable, the draft bill will have to be approved by the Thai parliament.

Last month, Indonesia passed a law requiring big Internet companies to pay VAT on the sales of digital products and services from July, and in the Philippines, a similar bill to tax digital services was introduced in parliament.

Honda hit by cyber-attack

Japanese car maker Honda has confirmed that the company was hit by a cyber-attack which affected and disrupted their business in several countries. However, they stated that there was no breach of data and that the attack only caused ‘minimal business impact’.

Singapore plans to develop wearable contact tracing device to replace TraceTogther app

Singapore’s Minister of Foreign Affairs and Minister-in-charge of the Smart Nation and Digital Government Group, Vivian Balakrishnan, announced the government’s to plan to develop a portable and wearable contact tracing device to help deal with the COVID-19 pandemic. According to the announcement, the device will replace the TraceTogether app, will be more inclusive, and will not require a smartphone. The minister explained that since the app does not work equally well across different smartphone operating systems, the government has decided not to make the download of the app mandatory, and to find other technological alternatives.

Court rules Internet shutdowns in Papua and West Papua unlawful

The Jakarta State Administrative Court (PTUN) ruled that the decision of the Indonesian government to block Internet services in Papua and West Papua during protests in 2019 was ‘unlawful’. Between August and September 2019, the Indonesian government had on several occasions slowed down and shut down Internet access, and established Internet restrictions in West Papua and Papua in an effort to contain civil unrest.

The court said that any decision limiting people’s right to information needs to be made in accordance with the law and not merely at the government’s discretion. The court has ordered the Indonesian government to issue an apology to the public.