​Minister of Transport and Infocommunications Yang Berhormat Pengiran Dato Seri Setia Shamhary bin Pengiran Dato Paduka Haji Mustapha, in his statement at the 21st Legislative Council (LegCo) session on March 6 shared that the Digital Economy Masterplan 2025 identified 'Digital Data Policy and Governance' as one of the key strategic enablers to support the digital transformation of Brunei Darussalam to achieve the vision of Smart Nation.

With that said, the Personal Data Protection Order, 2025 (PDPO, 2025) has been enacted in January to address the policy, legislation and regulatory framework requirements for the protection of personal data within and amongst private sector organisations.

The Authority for Info-communications Technology Industry of Brunei Darussalam (AITI) has been designated as the Data Protection Authority, which will administer and enforce the law to ensure the collection, use and disclosure or personal data are adequately protected, whilst also establishing individuals' rights to their personal data.

To date, AITI has conducted various industry consultations, public awareness, briefings and capacity building workshops on the PDPO to multiple industry sectors and associations and will continue to conduct more this year.AITI kicked-off the 'DPO Competency Programme' for two cohorts of prospective Data Protection Officers (DPO) equipping them with the knowledge and skills required to build adata management programme within their organisation.

AITI will continue to conduct DPO Competency Programme this year to encourage more participation from the private sector and nurture the growth of DPOs in Brunei Darussalam.  Upcoming programmes and guidance for the private sector organisations will include the introduction of a 'Personal Data Protection Practitioner Course' and the publication of Advisory Guidelines and Guidance Documents.

The minister highlighted that organisations must begin to create a culture of accountability in the management of personal data and thereby reducing the risks of data breaches. It iscrucial for organisations to assess its current practices to establish proper practices and processes before the enforcement of the PDPO,2025 which is aimed to be within one year of its enactment.

The order is intended to create a safe and secure environment, which will enhance the credibility of organisations both nationally and internationally.

It will facilitate trusted cross-border data flows and contribute to the development of the Digital Economy with the potential to elevate more foreign direct investment, as well as regional and international trade to Brunei Darussalam.

Further, having such framework in place aligns with initiatives under the ASEAN Economic Community (AEC) Blueprint 2025, Masterplan on ASEAN Connectivity 2025 (ADM 2025), ASEAN Framework on Personal Data Protection and ASEAN Digital Data Governance Framework.

The minister reiterated that while the PDPO, 2025 applies to private sector organsations and non-governmental organisations only, government organisations must also be aware of their obligations to manage personal data responsibly through related legal and policy frameworks such as the Official Secrets Act (Chapter 153), Protective Security Manual and the Guidelines on Personal Data Sharing.

With responsible measures in place, individuals will also be able to practice their rights in personal data protection, particularly in how it is collected, used and disclosed by organisations.

This includes being informed of the intended purpose and the right to be able to opt-in or opt-out, as well as withdraw their consent of such use.

(News & pic source: Borneo Bulletin)