Your World of Legal Intelligence
 Singapore | 1-800-335-6202

Protection Of Personal Data In Singapore

Document Cited in Related
Vincent
Published date29 December 2022
Subject MatterPrivacy, Data Protection
Law FirmKhurana and Khurana
AuthorTanya Saraswat

The 2017 Global Smart City Performance Index places Singapore at the top as a global hub for technology. In order to become the leading digital economy and a Smart Nation, the city-state has also launched the Digital Economy Framework for Action. A key component of Singapore's digital goals is cloud computing. The city-state topped the Asia-Pacific region in the 2018 Cloud Readiness Index of the Asia Cloud Computing Association as a result of significant government encouragement of cloud use across the sector. Based on its legal and regulatory environment, especially its data protection system, Singapore was ranked sixth out of 24 global IT economies for its cloud computing preparation in the 2018 BSA Global Cloud Computing Scorecard.

According to the official Quick Guide to the PDPA, Singapore's Personal Data Protection Act (PDPA) regulates the gathering, use, disclosure, and maintenance of personal data. The 9 Main Data Protection Obligations, which seek to strike a balance between individuals' rights to have their personal data protected and organisations' demands for this data for lawful and reasonable business objectives, form the basis of the PDPA.

The Singaporean Parliament approved the PDPA on October 15, 2012, and it was implemented in three stages. On January 2, 2013, the general provisions' first phase went into force. The Data Protection Advisory Committee's establishment, the establishment of the Do-Not-Call Registers by the PDPC, the scope and interpretation of the PDPA, the establishment of the PDPC, the authority that administers and enforces the PDPA, and other general PDPA provisions are all covered by these clauses. The provisions pertaining to the DNC Registry went into effect on January 2, 2014, marking the start of the second phase. The third and final phase saw the main provisions relating to the protection of personal data - specifically Parts 3 to 4 of the PDPA - come into effect on 2 July 2014.

Even when an organization might collect the personal data abroad and transfer it to the city-state of Singapore, the PDPA nevertheless applies to the processing of personal data by organizations there. The PDPA is controlled, promoted, and enforced by the Personal Data Protection Commission (the Commission). Personal information is defined by the act as information that "regardless of whether true or not, enables the identification of a living individual from that data; or from that data and additional information to which the organization...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT