AI & Machine LearningGlobal

Singapore Data Festival 2026

Singapore Data Festival 2026 July 20 - 23, 2026
More Events
Learn More
Overview
Agenda
Speakers
Location

Overview

This July, the Future of Privacy Forum will be participating in several events during Singapore Data Festival (SDF), formerly known as Personal Data Protection Week. Singapore Data Festival is Asia’s leading platform for data innovation, responsible AI, and the technologies reshaping how data is shared, governed and valued.

Convened in Singapore at the heart of Asia’s digital transformation, SDF brings together the region’s data and AI leadership for conversations that matter – from the geopolitical forces reshaping cross-border data flows to the daily reality of keeping pace with technology that moves faster than policy – helping organisations move from readiness to outcomes.

Singapore’s Personal Data Protection Commission (PDPC) is the country’s main authority when it comes to issues of relevance regarding personal data protection, and represents the Singapore Government on the international stage on data protection issues. Every year, Singapore’s PDPC hosts Singapore Data Festival meant for robust discussions on the latest developments in data protection and use of data tech.

Join FPF Managing Director of APAC, Josh Lee Kok Thong, Deputy Director for Asia-Pacific and China, Dominic Paulger, Policy Analyst for Global Privacy, Bilal Mohamed and many others during this exciting week! Take a look below to get more details on these events.

Agenda

Day 2 - Tuesday, July 21, 2026

Time

Event

Location

Speakers

12:30 pm –
2:30 pm SGT

FPF Privacy Leaders’ Luncheon 

By Invitation Only

 

 

Rajah & Tann Singapore LLP

9 Straits View, #06-07, Singapore 018937

2:00 pm –
3:30 pm SGT

From Principles to Practice – Unboxing PDPC’s Generative AI Advisory Guidelines

Description Forthcoming

Hibiscus Junior Ballroom, Marina Bay Sands Expo & Convention Centre

SPEAKERS

  • Josh Lee Kok Thong, Managing Director, APAC, Future of Privacy Forum

More speakers to be announced!

5:00 pm –
7:00 pm SGT

Frontier Legal, Regulatory and Policy Issues Concerning Biometric Data, Wearables and Embodied AI

Description Forthcoming

TBA

TBA

Day 3 - Wednesday, July 22, 2026

Time

Event

Location

Speakers

2:45 pm –
3:45 pm SGT

IAPP Asia Forum 2026

Navigating India’s Personal Data Breach Regime in the AI Age

India’s Digital Personal Data Protection Act, 2023 is set to revamp privacy practices in the region by May 2027. It reserves its highest penalties for personal data breaches: USD22 million for not reporting a breach to an affected person or the Data Protection Board of India; and USD28 million for not implementing “reasonable security safeguards” to prevent breaches. By enabling the board to adopt “techno-legal measures,” the DPDPA anticipates the use of automated tools to implement such requirements.

This session unpacks the DPDPA’s breach-related requirements and examines if their design will remain suited to a rapidly AI-driven environment. It will explore how AI is changing the scale, speed and entryways for personal data breaches; how global regulators and entities are, accordingly, adapting their existing reporting regimes; and what lessons this may hold for India’s Board and regulated entities building compliance systems in the region.

What you will learn:

• How new AI applications, such as generative AI tools and agentic AI systems, are re-shaping the nature and scale of personal data breaches.

• The DPDPA’s breach-related requirements and identifying practical compliance lessons based on insights from parallel regimes in Asia and Europe.

• How AI tools can improve breach detection and reporting, and if they can enable “techno-legal” measures to comply with the DPDPA’s breach regime.

Orchid Ballroom 4302, Marina Bay Sands Expo & Convention Centre

SPEAKERS

  • Varun Sen Bahl, Lawyer and Tech Policy Researcher
  • Bilal Mohamed, Policy Manager for India, Future of Privacy Forum
  • Karishma Sundara, Founder, Kintsugi Law
  • Monika Tomczak-Górlikowska, Group Head of Privacy, Digital and Regulatory, Prosus and Naspers

2:45 pm –
3:45 pm SGT

IAPP Asia Forum 2026

The API Crisis: Securing Agentic AI in Asia’s Fastest Growing Threat Surface

As the Asia‑Pacific region rapidly deploys agentic artificial intelligence across finance, government, healthcare and digital commerce, APIs have quietly become its most critical — and most exposed — control layer. Weak API governance, shadow APIs and inconsistent multi‑cloud controls have expanded opportunities for exploitation. APIs power data retrieval, workflow automation and multi‑cloud interoperability for AI agents, but also serve as targets for data theft, disruption of service and fraud. Insecure APIs are vulnerable to broken authentication, injection attacks, outdated versions and machine‑generated traffic that obscures malicious activity.

APAC markets exhibit fast‑moving digital expansion, heavy reliance on mobile ecosystems and varied regulatory requirements across borders, creating complex environments where visibility is limited and risk is unevenly distributed. This session will explore why APIs have become a risky failure point in APAC’s emerging AI ecosystem, examine real-world examples of API security failures and present concrete actions to harden controls and strengthen governance of AI‑driven data‑flows.

What you will learn:

• How to identify and assess API risk in AI‑driven environments.

• Practical techniques to strengthen API governance across multi‑cloud and cross‑border systems.

• How to reduce enterprise exposure to API risk in alignment with evolving APAC regulatory expectations.

Orchid Ballroom 4302, Marina Bay Sands Expo & Convention Centre

SPEAKERS

  • Stephen Reynolds, Professor at Law, Indiana University School of Law
  • Raktima Roy, Privacy and AI Counsel, International Finance Corporation, World Bank
  • Josh Lee Kok Thong, Managing Director, APAC, Future of Privacy Forum

Day 3 - Wednesday, July 22, 2026

Time

Event

Speakers

4:00 pm –
5:30 pm SGT

FPF-CrowdStrike All-Regulators Panel on Agentic AI

By Invitation Only

Day 4 - Thursday, July 23, 2026

Time

Event

Speakers

3:30 pm –
5:30 pm SGT

FPF-State Department CLDP Regulator Capacity-Building Workshop

By Invitation Only

Speakers

Bilal Mohamed

Policy Analyst for Global Privacy, FPF

Bilal serves as a Policy Analyst for FPF’s Global Privacy Team and is based in India. He will focus on monitoring and analyzing developments related to the implementation and enforcement of India’s Digital Personal Data Protection Act, as well as tracking advancements in adjacent policy areas such as artificial intelligence regulation.

Prior to joining FPF, Bilal played a key role in supporting the Office of the Minister of State for the Ministry of Electronics and Information Technology, Government of India. At the Ministry, he contributed his expertise in legal and policy research, focusing on areas such as data protection, platform regulation, and online gaming.

He has also worked as a researcher at the Centre for Communication Governance (CCG), National Law University Delhi, and the Aapti Institute. While at CCG, he authored policy responses, research reports, and blog posts on issues surrounding data governance and intermediary liability. At Aapti, his research focused on the role of data stewardship models in enhancing the socio-economic value of data while preserving community privacy rights.

Bilal holds an LL.B (Honours) degree from the University of Edinburgh, where his undergraduate thesis focused on defining the contours of India’s constitutional right to privacy. He was also a 2021 Daksha Technology Law and Policy Fellow.

Dominic Paulger

Policy Manager for Asia-Pacific and China, FPF

Dominic is a Policy Manager in the Future of Privacy Forum’s Asia Pacific and China (APAC) office, where he conducts research and analyzes key trends in law, regulation, and policy relating to data protection, privacy, and emerging technologies in APAC and leads FPF’s projects and activities across the region.

Prior to joining FPF, Dominic worked in Amazon Web Services’ Global Public Policy team, where he developed strategic advocacy positions and materials to educate policymakers on a wide range of issues relating to data and the digital economy in Asia. He was also a research assistant for Dr. Clarisse Girot at the Asian Business Law Institute (ABLI), where he contributed to a major publication on legal convergence for cross-border transfers of personal data in Asia: “Transferring Personal Data in Asia: A path to legal certainty and regional convergence.” Dominic earned a J.D. from Singapore Management University and a B.A. from King’s College, London.”

Stephen Reynolds

Professor at Law, Indiana University School of Law

Stephen Reynolds (CIPP/US, CISSP), a partner at McDermott Will & Emery, advises some of the largest companies in the world on complex data security and privacy matters.

He frequently advises clients on complex matters involving data privacy and security laws and serves on the board of directors of the IAPP. Stephen’s expertise adds value to organizations by mitigating cyber threats through proactive preventative measures and navigating complex litigation on behalf of clients in data privacy and security.

As a former computer programmer and IT analyst, Stephen is uniquely able to and routinely uses his computer background in cases involving data privacy and security, electronic discovery, social media discovery, and computer forensics. Stephen has given several presentations on data privacy and security, electronic discovery and social media discovery, and is a Certified Information Privacy Professional. In addition to being a Certified Information Systems Security Professional (CISSP), Stephen teaches CISSP classes as a Direct Instructor with the (ISC)2.

Additionally, Stephen teaches a course on Data Security and Privacy Law at The Indiana University’s Robert H. McKinney School of Law.

Raktima Roy

Privacy and AI Counsel, International Finance Corporation, World Bank

Bio Forthcoming

Varun Sen Bahl

Lawyer and Tech Policy Researcher

Varun Sen Bahl is a lawyer and technology policy researcher based in New Delhi. He brings over eight years of experience advising and working with technology companies, government departments, international organizations, non-profits, and research institutes on the regulation and governance of digital and emerging technologies. Most recently, he worked at the Future of Privacy Forum as a Global Privacy Summer Fellow in Washington, D.C., and as a Public Policy Manager at Nasscom, India’s largest tech trade body, where he led the portfolio on data protection, artificial intelligence, and digital governance. He began his career working at a leading law firm specialising in technology policy and legislative drafting in India. He holds a B.A., LL.B. (Hons.) from the National Law School of India University, a Master of Public Policy at Duke University, and is a Certified Information Privacy Professional/Europe (CIPP/E).

Karishma Sundara

Founder , Kintsugi Law

Karishma Sundara is the Founder of Kintsugi Law, a boutique Indian technology, media, and telecommunications law practice. For over a decade, she has advised leading global and domestic clients across sectors — including social media, online gaming, e-commerce, edtech, fintech, and healthcare — on complex technology law issues. Her work spans the launch and expansion of technology offerings; constructive regulatory engagement on privacy, content liability, and cybersecurity issues; and high-impact privacy, fintech, and content litigation before the Supreme Court of India and other judicial fora. Well regarded for her privacy law expertise, Karishma has contributed to India’s evolving data protection framework by supporting key representations on successive drafts of the law. In the lead-up to implementation of the Digital Personal Data Protection Act, 2023, she routinely advises clients on compliance strategy, risk, and operational readiness. She also regularly guides clients on cybersecurity preparedness and incident response, AI governance, and other emerging technology issues. A frequent contributor to thought leadership in this space, she has served on planning committees for Indian privacy conferences, including Bharat Privacy. Karishma holds a BA (Hons) in Law from the University of Cambridge and an MA (Hons) in English Literature from the University of Edinburgh. Before founding Kintsugi Law, she was a Counsel at Trilegal, a leading Indian law firm.

Josh Lee Kok Thong

Managing Director for APAC, FPF

Josh is deeply passionate in the issues at the intersection of law, policy and technology, and is a changemaker in the spheres of the law of tech, and the tech of law.

As a legal architect that hopes to re-shape relationships disrupted by technology, Josh is the Managing Director, Asia-Pacific of the Future of Privacy Forum. In this role, he leads a team furthering FPF’s mission of advancing data protection best practices and the trusted development and use of emerging technologies in the region.

Josh received his LL.M. from the University of California, Berkeley, School of Law in 2022, where he was named to the Dean’s List for his academic achievements. Josh was also a Richard Buxbaum International Graduate Fellow and a White & Case Kathryn Aguirre Worth Scholar. An active contributor to Berkeley Law’s student body, Josh served as the LL.M. Editor of the Berkeley Technology Law Journal and co-founded B-LIT, Berkeley’s first legal innovation student organisation.

Before postgraduate studies, Josh served for half a decade in the Singapore Government. More recently, he was the Legal Policy Manager for Artificial Intelligence (AI) Governance in Singapore’s Personal Data Protection Commission, where he managed Singapore’s overall AI governance policies. Before that, Josh was an Assistant Director for Legal Policy in the Ministry of Law, where he drove criminal and civil legislative reform, particularly in technology and online harms. He also practiced as an international arbitration lawyer in a large Singaporean law firm.

As a driver of the tech of law, Josh is the first Chairperson of the Asia-Pacific Legal Innovation and Technology Association (https://alita.legal), a pan-regional industry platform driving legal innovation and technology initiatives in the region. Josh also co-founded LawTech.Asia (https://lawtech.asia) and etpl.asia, organizations that advance thought leadership on law and technology in Asia. In 2019, Josh was identified by Asia Law Portal as one of Asia’s Top 30 Persons to Watch in the business of law.

In addition, Josh is a member of Singapore’s Law Reform Subcommittee for Robotics and AI, where he authored a law reform report on “Criminal Liability, Robots and AI Systems”.  Josh was also a chapter co-author of Law and Technology in Singapore, which was edited by Professor Simon Chesterman, Professor Goh Yihan, and Judge of Appeal Andrew Phang. Given his keen interest in new technologies like AI and its potential impacts on society and governance, Josh is also a voting member of the IEEE P2863 Working Group on Organisational Governance of AI Systems, and holds research roles in the National University of Singapore and the Singapore Management University. He speaks regularly at conferences and dialogues in the law of tech and tech of law ecosystems.

Monika Tomczak-Górlikowska

Group Head of Privacy, Digital and Regulatory, Prosus and Naspers

Monika Tomczak-Górlikowska is the Global Head of Privacy, Digital & AI governance for the Prosus Group – a multinational consumer internet group with headquarters in Europe and one of the largest technology investors in the world. Monika also serves as a member of the Board of Directors of the IAPP. Monika began her career at the Legal Service of the General Secretariat of the Council of the EU in Brussels. She is now based in Amsterdam and previously was the Senior Data Privacy Legal Counsel at Shell International Limited in London. Monika is a licensed attorney (adwokat) with over 25-years in practice. Prior to her in-house tenures she was in private practice, including at the offices of Miller, Canfield in Poland. She holds a Master of European Law degree (LLM cum laude) from the Law Department of the College of Europe in Brugge (Belgium). Monika has also served as Co-Chair of the Steering Committee of the Forum on International Privacy Law and a member of the IAPP European Advisory Board. Monika is also hexalingual: she speaks English, French, Spanish, Italian, Polish and Portuguese fluently.

Location

Sands Expo & Convention Centre, Marina Bay Sands, Levels 3 and 4 - 10 Bayfront Ave, Singapore 018956