This piece is based on a Lightning Talk at the 2024 APC Community Gathering.
At the vibrant intersection of advanced digital technology and bustling economies in East Asia, a quiet crisis is brewing in the realm of digital rights. A recent research report by Open Culture Foundation (OCF), Empowering Privacy: Civil Society Strategies in East Asia’s Digital Landscape – Taiwan, South Korea, and Hong Kong, explores how various civil societies are addressing the growing challenges of safeguarding citizens’ privacy rights in the digital world. Even as these countries anchor their next economic surge by spearheading the development of a digital economy and public services, there are growing concerns around digital privacy and surveillance.
Why focus on digital privacy?
Over the past five years or so, the COVID-19 pandemic has led governments worldwide to expand their surveillance capabilities. Simultaneously, the rapid pace of emerging technologies like Big Data and generative AI has significantly impacted people’s control over their data. These challenges highlight the need to scrutinise not only the impact of authoritarian regimes on digital privacy but also potential misgovernance in more democratic nations. Understanding how civil societies tackle specific digital privacy issues within their contexts is crucial for fostering transnational coalitions.
Why East Asia?
Choosing Taiwan, Hong Kong and South Korea as focal regions reflects their rich mix of political, cultural, geographic and economic influences, which are often underrepresented in international digital rights discussions. Their advanced digital infrastructure and diverse legal frameworks for digital privacy make them ideal examples to showcase the complex landscape of digital rights advocacy.
Methodology with a twist
Our research began with a snowball sampling method, leveraging partnerships with international and regional organisations. We combined online surveys and in-depth interviews to provide a comprehensive view of the digital privacy issues at hand. From civil society’s challenges with digital ID cards in Taiwan to South Korea’s relaxed data usage regulations to Hong Kong’s privacy concerns under the National Security Law, our study details the digital rights conflicts across these regions.
Challenges in the three East Asia countries
Taiwan: Due to a lack of robust privacy protection laws, the government’s attempt to expand digitisation and data use has sparked significant controversy. The compulsory implementation of digitised national identity cards (eID) has raised concerns about data privacy and security due to insufficient regulations and oversight. Also, national health insurance data was used for scientific research without granting citizens a right to opt-out.
In response, Taiwanese civil society groups have been vigorously involved in litigation as a primary strategy to challenge policies that endanger privacy rights. Their advocacy strategies aim to bolster public awareness and support for more robust privacy laws and digital rights.
The effectiveness of this advocacy is attributed to the grassroots, bottom-up approach that resonated with the Executive Yuan Council, leading to the acknowledgment of the demands. This has ensured a commitment to halt the eID rollout until an independent personal information protection agency is established.
South Korea: Even as the government reforms its privacy protection framework, South Korea faces challenges in balancing rights to privacy with other interests. The Data 3 Act amendments in 2020 eased some data usage restrictions for big tech companies, allowing pseudonymised data to be used for scientific and secondary purposes without consent, which sparked concerns about citizens’ rights to information autonomy. Meanwhile, the dilemma of protection privacy and public health led to a debate about the government’s mandatory contact tracing policy.
Civil society organisations (CSOs) such as APC member Open Net have responded with legal challenges that highlight the overreach of these regulations. Their advocacy focuses on litigation, bolstered by cross-sector collaboration among CSOs, to protect individual data autonomy. This has led to significant changes, including the enhancement of administrative powers for the personal data protection agency, reflecting a partial victory for privacy advocates.
Hong Kong: Amidst the authoritarian turn and strengthened suppression of its civil society, digital privacy has not only eroded but also been weaponised by the Hong Kong government. Recent amendments to the Personal Data (Privacy) Ordinance strongly focus on combating doxxing, a common strategy employed during the 2019-2020 protests. These amendments have expanded governmental powers extensively under the guise of privacy protection but have simultaneously reduced public access to databases. Mass surveillance and de-anonymisation have also been implemented in the context of the National Security Law, creating a silencing effect among activists.
In response, Hong Kong’s CSOs are bolstering their capabilities by focusing on cybersecurity training to navigate the increasingly authoritarian landscape. The advocacy space has significantly narrowed, forcing CSOs to adapt their strategies to the challenging political environment, which includes heightened surveillance and restrictions on civil liberties.
Key strategies and comparative analysis
From Taiwan’s civil society suing to halt the eID rollout to South Korea’s legal reforms strengthening data protection, the strategies are as varied as they are dynamic. Litigation remains a key strategy in both Taiwan and South Korea. Meanwhile, Hong Kong’s shift towards authoritarianism has weaponised digital privacy, necessitating enhanced cybersecurity knowledge for activists combating digital authoritarianism.
In East Asia, a consistent theme across Taiwan, South Korea and Hong Kong is the delicate balance between advancing technological policies for public service efficiency, economic growth, health research, and the necessary protection of privacy rights. This regional commonality is evident in Taiwan’s eID system implementation, South Korea’s use of pseudonymised data, and the challenges faced in Hong Kong under the National Security Law, where each government’s approach involves significant trade-offs. These issues underscore a shared regional challenge of managing the implications of advanced technology on privacy.
Additionally, a common strategy employed across these countries is the interdisciplinary collaboration among civil society actors with expertise in technology, law and human rights. This collaboration is vital for advocating digital privacy, reflecting the issue’s cross-disciplinary nature. For example, Hong Kong advocates provide cybersecurity support whereas the Taiwanese actors navigate complex litigation, while South Korean tech communities focus on reducing harm from privacy breaches. Such collaborative efforts highlight the need for technological interventions to complement, rather than replace, institutional reforms.
Conclusion with a global perspective
Our study maps the activism surrounding digital privacy in East Asia and aims to raise international awareness of these issues. By spotlighting shared concerns, we aim to strengthen transnational connections among activists and CSOs. The quest for digital rights in East Asia resembles a complex chess game of strategic moves and countermoves, where understanding these tactics is key to promoting a more democratic digital future. Let’s keep our focus on the digital horizon and ensure our data remains free from Big Brother’s grasp.
Learn more: Empowering Privacy: Civil Society Strategies in East Asia's Digital Landscape
Image: Mockups of proposed digital ID cards in Taiwan
Rosa Kuo currently serves as the Executive Secretary at the Open Culture Foundation. Over the past five years, she has been involved in the eID (digital identity) campaign from 2019 to 2021. Additionally, she led the Ranking Digital Rights Taiwan project in 2023, conducting the first digital rights evaluation of 26 Taiwanese digital companies. Her primary role includes co-leading a department, ensuring smooth operation and coordination among project members and tasks.