Richard Kershaw is a Managing Director and leader in the Technology practice of FTI Consulting. In June 2014, the Bloom Group helped Kershaw publish an article in FTI Journal here, identifying the problem U.S. and European companies face when they try to collect information in Asia to comply with requests from their home regulators. Because of the complex data privacy laws in many Asian countries that control what information can be collected and where it can be moved, if foreign companies produce the information their home regulators are asking for they may face fines and criminal prosecution in Asia. If they don’t, their own regulators will come down on them hard. In other words, they’re damned if they do and damned if they don’t.
Based in Hong Kong, Kershaw, an expert in data forensic strategies, suggests that in this age of cloud computing – in which information may be stored here, there, or someplace else – Western companies must be alert not only to the privacy rules in the Asian countries in which they operate but to the whereabouts and character of the data that may be of interest to regulators.
Shortly after the FTI Journal article appeared, the Wall Street Journal published a commentary in its “Morning Risk Report” here focusing on the problem Kershaw identified, quoting him extensively.