Data Protection Excellence Network (DPEX) | About Us

About Us

About the Data Protection Excellence (DPEX) Network

The Data Protection Excellence (DPEX) Network is the first of its kind facility in the ASEAN region whose aim is to provide leadership, best practices, training, research and support for all things surrounding data privacy from an operational perspective.

This collaboration of partnerships comprise certification bodies, law firms, universities and organisations who provide professional services and technologies relating to data privacy.

An ever-growing network of certification and learning bodies, members currently include Straits Interactive, De La Salle University, Philippines, International Islamic University of Malaysia, National Institute of Development Administration - NIDA, Thailand, Singapore Management University Academy and Telkom University, Indonesia, IAPP, EXIN and OCEG.

The DPEX Network is honoured to have the following Independent International Advisors on the panel, who volunteer their services to guide the community in their competency and compliance journey in the region.

Kevin Shepherdson

As the CEO and Founder of Straits Interactive Pte Ltd, Kevin provides and drives the vision, strategy and innovation of the company’s Data Privacy & GRC (Governance, Risk Management & Compliance) offerings that build upon the foundation of enabling trusted businesses and responsible marketing. He is the international author of 99 Privacy Breaches to be aware of and is adjunct with Singapore Management University.

Dr Prapanpong Khumon

LL.B (Chulalongkorn), LL.M (London), Ph.D. (London) Assistant Professor Khumon is Associate Dean at School of Law, University of the Thai Chamber of Commerce, Thailand. He also acts as Advisor to Secretary-General of the Personal Data Protection Commission in Thailand. He is in the Thai Board of Trade Committee on international trade negotiation. Professor Khumon published a number of scholar articles on trade in services in ASEAN and personal data protection. He leads several research projects for the National Broadcasting and Telecommunications Commission of Thailand (NBTC) and Ministry of Digital Economy and Society in shaping policies in media regulation, telecommunications liberalisation and personal data protection.

Dr. Sonny Zulhuda

Sonny is an Associate Professor and cyber law course coordinator at the Civil Law Department, Ahmad Ibrahim Kulliyyah of Laws, the International Islamic University Malaysia. His main interest is the intersection of law and technology, especially concerning information law, Internet governance, information security and data protection law. In the past few years Sonny advised the Office of Personal Data Protection Commissioner of Malaysia on various aspects of data protection law, from training to the codes of practice, and from the issues of trans-border data flow to data breach notifications.

Raymund Enriquez Liboro, Privacy Commissioner and Chairman, National Privacy Commission

Privacy Commissioner Raymund Liboro is a seasoned ICT convergence and communications and public administration professional. Having been appointed as the Philippine’s first Privacy Commissioner in March 2016, he fast tracked data protection policy development in the country with the issuance of the Data Privacy Act’s Implementing Rules and significant policy circulars within the first year of National Privacy Commission (NPC’s) establishment — effectively working for the country’s data privacy and protection rules to be at par with global data protection regulations. In October 2018, he put the country on the world stage by earning the Philippines a voting seat on the exclusive 5-member executive committee of the International Conference of Data Protection and Privacy Commissioners or the ICDPPC

Yudhistira Nugraha

Yudhistira Nugraha is an Indonesian civil servant for the Ministry of Communications and Informatics. He is currently appointed as the Head for the Section for Electronic Systems and Digital Economy Control – Sub-Directorate for Electronic Systems, Digital Economy and Personal Data Protection Control. He is currently working with ASEAN for Digital Data Governance Framework and European Commission for GDPR Compliance and Awareness in Indonesia.

Dr Lim Lai Cheng

Dr Lim Lai Cheng is Executive Director of SMU Academy which oversees SMU’s skillsfuture agenda and conducts professional and continuing education training in specialised areas for working adults. She is a Fellow of the School of Social Sciences at Singapore Management University.

Sarah Wang Han

Sarah Wang Han is Head of Research and a Straits Interactive consultant experienced in Chinese Data Protection Law. In addition to her L.L.M from Hunan University, China and bar certificate, she also holds the EXIN Privacy and Data Protection certificate.She is currently pursuing a doctoral degree at the University of Malaya, Malaysia with a focus on data protection law in China.

William Hioe

William founded Cynergie Consulting Pte Ltd, a company offering consultancy and training services in strategic ICT planning, strategy development, policy formulation and enterprise architecting in the region. With his more than three decades of ICT experience in the government and public sector, first as an assistant director in Systems & Computer Organisation, MINDEF, and then as a senior director of strategic planning at the National Computer Board (NCB) / Infocomm Development Authority of Singapore (IDA), he is now the regional head of consultancy for Straits Interactive.

Lyn Boxall

A lawyer based in Singapore, Lyn practices as Lyn Boxall LLC, a law firm that she established in March 2015. Lyn specializes in data protection and information security, and also practices general commercial law for a wide range of local and international clients. Prior to setting up her firm, Lyn worked for many years in various legal and business capacities with multinational corporations. Lyn holds Bachelor degrees in Commerce and Law from The University of Melbourne and a Master of Laws (Intellectual Property) degree from Monash University. She is an advocate and solicitor of The Supreme Court of Singapore and a Member of the New York Bar, as well as being admitted to practice law in the State of Victoria, Australia, and in England and Wales. In addition, Lyn holds international certifications in privacy/data protection awarded by the International Association of Privacy Professionals (IAPP), namely, Certified Information Privacy Manager (CIPM), Certified information Privacy Professional, Asia (CIPP/A), Certified Privacy Professional, Europe (CIPP/E) and Fellow of Information Privacy (FIP). She is also certified by Exin (the global independent certification institute for ICT Professionals) as a Privacy and Data Protection Practitioner.

Mazmalek bin Mohamad

Mazmalek bin Mohamad is the Commissioner of Personal Data Protection/Director General of the Department of Personal Data Protection, Ministry of Communications and Multimedia Malaysia. His previous post was the Undersecretary for the Communications Technology Division under the same Ministry. He holds Bachelor of Science from the Science University of Malaysia and Master of Science from the Technology University of Malaysia. He joined the Administrative and Diplomatic Services in 1989 and has served various Ministries and Departments including the Ministry of Energy, Water and Communications and Public Service Department. His area of competency among others are relating to Telecommunications and e-Commerce policy and regulatory matters, Malaysian Emergency Response System (MERS 999), development of rural ICT, Information Security Policy and Quality of Service and Consumer Protection (Communications).

About Straits Interactive

Straits Interactive co-leads the DPEX Community.

The company delivers end-to-end governance, risk and compliance solutions that enable trusted business and responsible marketing, especially in the area of data privacy and protection.

Recently Data Protection Trustmark (DPTM) certified, we help businesses achieve operational compliance and manage risks through a combination of cloud technology and professional services.

Our quest for innovation has led to us being recognised and awarded Intercon’s Top 50 Tech Companies (in recognition of the company’s contribution to technology) and APAC Business Headlines’ Company of the Year, 2019.

Our software-as-a-service solutions include DPOinBox and Governance, Risk & Compliance System (GRACIAs), all of which are supported by professional services that include advisory services, audits, and training.

More information about the company can be found on