Peggy is a data and cyber security law specialist. Her focus is on cross-border and multi-jurisdictional matters, working with clients to create regionally consistent yet locally compliant approaches.
Peggy advises on all types of data and cyber laws with particular focus on Hong Kong and mainland China. She is also familiar with the data and cyber regulatory landscape across Asia including Singapore. Based in Singapore, Peggy provides clients with a ‘one-stop-shop’ for all multi-jurisdiction and/or cross-border data protection law, data localisation and cybersecurity law issues in Asia. She also advises on the EU GDPR with particular focus on its implications to non-EU based businesses.
Peggy holds the CIPP/A (Certified Information Privacy Professional/ Asia) qualification. Peggy has spoken at numerous conferences on Asia data protection and GDPR in the region.
Peggy was named as a Thomson Reuters Stand-out Lawyer in March 2022. Peggy was also recognised as (i) a Rising Star in APAC by IFLR in the privacy and data protection category in 2021; and (ii) an Expert in the Rising Stars Expert Guide for her work in privacy and data protection in 2020 and 2021. She was ranked as a Next Generation Lawyer in the Legal 500 Asia Pacific Guide in 2017 and 2018.
She is qualified to practice Hong Kong laws and English laws, and a foreign registered lawyer in Singapore. She is fluent in English and Chinese (Mandarin and Cantonese).
Her practice covers the following areas:
Peggy’s data and cyber security practice covers (i) regulatory and compliance (e.g. data processing, cross-border data transfer, data breach response, etc.); (ii) data commercialisation, data ownership/control and data sharing issues; and (iii) cyber security (risk management, pre-breach documentation and post-breach responses).
Peggy's experience includes advising:
- a Europe-based financial services provider on its data protection compliance project covering 15 APAC jurisdictions
- a China-based financial technology company on data privacy law issues in Asia
- a US investment bank on its data protection law compliance project including reviewing privacy statement for a newly launched mobile app, and general customer and vendor contracts review
- various Asian based conglomerates and financial institutions, on their GDPR compliance projects
- Southeast Asia's biggest technology company and super-app for ride-hailing, food delivery and payment solutions on its joint venture with a prominent insure-tech company and one of the largest global technology funds for an insurance intermediary business in Southeast Asia
- an international healthcare product supplier on data breach notifications and filings in APAC covering more than 10 jurisdictions
- a US private equity fund on telecoms licensing and other regulatory issues in relation to its acquisition of the fixed communications business from Hutchison in Hong Kong
- an Australian-based telecoms operator on its proposed joint venture with the incumbent telecoms operator in Indonesia for cloud, unified communications, security and network services
- a private equity fund on the intellectual property aspects in relation to its joint venture with a European partner for a number of European apparel brands in Greater China including conducting IP due diligence and advising on various IP agreements
Peggy holds a Bachelor of Laws and a Bachelor of Business Administration (Law) from the University of Hong Kong. She also has a Master of Law from University College London.
Peggy is admitted to practise in Hong Kong and England and Wales. She is also a registered foreign lawyer in Singapore.
Peggy is fluent in English, Mandarin and Cantonese (spoken and written).