Wilson Ang

Subscribe to all posts by Wilson Ang

Singapore Releases Proposed Advisory Guidelines on Use of Personal Data in AI Recommendation and Decision Systems

Photo of Wilson AngPhoto of Jeremy Lua (SG)By Wilson Ang and Jeremy Lua (SG) on Posted in Artificial Intelligence, Data Protection, PDPA, Privacy law
On 18 July 2023, Singapore’s Personal Data Protection Commission (PDPC) issued its Proposed Advisory Guidelines on Use of Personal Data In AI Recommendation and Decision Systems (the Proposed AI Advisory Guidelines) for public consultation. The Proposed AI Advisory Guidelines address the following: The Proposed AI Advisory Guidelines may be accessed here. A brief summary of, … Continue reading

European Commission and ASEAN releases Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses

Photo of Marcus Evans (UK)Photo of Anna GamvrosPhoto of Wilson AngPhoto of Jeremy Lua (SG)By Marcus Evans (UK), Anna Gamvros, Wilson Ang and Jeremy Lua (SG) on Posted in Data Protection, Data Transfer, PDPA, Privacy law
Introduction To enable international businesses to comply with cross-border personal data transfers and the relevant laws across the European Union (EU) and South-East Asia, on 24 May 2023 the European Commission and the Association of Southeast Asian Nations (ASEAN) published a Reference Guide to ASEAN Model Contractual Clauses (ASEAN MCCs) and EU Standard Contractual Clauses … Continue reading

Relying on the Legitimate Interests Exception under the Personal Data Protection Act 2012

Photo of Wilson AngPhoto of Jeremy Lua (SG)By Wilson Ang, Jeremy Lua (SG) and Terence De Silva on Posted in General
In a recent decision (the Decision),[1] the Personal Data Protection Commission (PDPC) considered for the first time a company’s reliance on the Legitimate Interests Exception (as defined below) under the Personal Data Protection Act 2012 (PDPA) when the consent procured is invalid. The General Legitimate Interests Exception The general Legitimate Interests Exception was introduced to … Continue reading

A Look Back On Five Key Developments in Cybersecurity and Data Protection in Southeast Asia in 2022

Photo of Wilson AngPhoto of Jeremy Lua (SG)By Wilson Ang, Jeremy Lua (SG) and Ernest Cheong on Posted in Data Protection
With the year 2022 firmly in the rear view, and as we look to start the new year in 2023, Norton Rose Fulbright’s Regulatory Compliance and Investigations team looks back and rounds up the five key cyber and data protection developments that took place in Southeast Asia in 2022.    Enhanced financial penalties under the … Continue reading

Essential guidance for employers on COVID-19 measures at the workplace from 26 April 2022

Photo of Wilson AngPhoto of Jeremy Lua (SG)By Wilson Ang, Jeremy Lua (SG) and Wang Chen Yan on Posted in PDPA, Privacy law
As Singapore takes its next step towards living with COVID-19, the Ministry of Manpower (“MOM”), the Singapore National Employers Federation (SNEF) and the National Trades Union Congress (NTUC) (collectively, the “Tripartite Partners”) have issued a revised set of guidelines for employers on the COVID-19 measures to be implemented at the workplace applicable from 26 April … Continue reading

Essential guidance for employers on COVID-19 measures at the workplace from 1 January 2022 (including recent updated measures announced on 27 December 2021)

Photo of Wilson AngPhoto of Jessica Paulin (SG)Photo of Jeremy Lua (SG)Photo of Parry TanBy Wilson Ang, Jessica Paulin (SG), Jeremy Lua (SG) and Parry Tan on Posted in PDPA
As part of Singapore’s move towards living with COVID-19 as an endemic disease, the country has been making efforts to re-open its economy. In order to facilitate the safe re-opening of the economy, the Ministry of Manpower (“MOM”) and the Tripartite Alliance for Fair and Progressive Employment Practices (“TAFEP”) have collectively issued guidance for employers … Continue reading

A Tale of Two Cities: The Right of Private Action in Data Protection in Singapore and Hong Kong

Photo of Wilson AngPhoto of Anna GamvrosPhoto of Jeremy Lua (SG)Photo of Edward Yau (HK)By Wilson Ang, Anna Gamvros, Jeremy Lua (SG) and Edward Yau (HK) on Posted in Dispute resolution and litigation, General, PDPA, Privacy law
The Singapore High Court and the Hong Kong District Court have both considered the right to compensation for injury to feelings in two recent cases involving misuse of personal data but arrived at different conclusions. Singapore: In Bellingham, Alex v. Reed, Michael, Mr. Bellingham obtained the email addresses of his former employers’ customers without their … Continue reading

Amendments to the Personal Data Protection Act In Force

Photo of Stella Cramer (SG)Photo of Wilson AngPhoto of Jeremy Lua (SG)By Stella Cramer (SG), Wilson Ang, Jeremy Lua (SG) and Crystal Wong on Posted in Data breach, Data Transfer, PDPA
On 29 January 2021, the Personal Data Protection Commission (PDPC) announced that certain sections of the Personal Data Protection (Amendment) Act 2020 (the PDPA Amendments) will take effect from 1 February 2021 – please see PDPC’s announcement; the gazetted Commencement Notification.  This legal update provides a high-level summary of the PDPA Amendments that have taken … Continue reading

Singapore tables changes to the Personal Data Protection Act in Parliament

Photo of Wilson AngPhoto of Stella Cramer (SG)Photo of Jessica Paulin (SG)Photo of Jeremy Lua (SG)By Wilson Ang, Stella Cramer (SG), Jessica Paulin (SG) and Jeremy Lua (SG) on Posted in Cybersecurity, Data breach
Following the Singapore Ministry of Communications and Information (MCI) and the Personal Data Protection Commission of Singapore (PDPC) public consultation in May this year (Public Consultation), the Personal Data Protection (Amendment) Bill (Bill) was introduced and had its first reading in Parliament on 5 October 2020. The Bill introduces five key changes to the Personal … Continue reading

Singapore’s Public Consultation on proposed changes to the Singapore Personal Data Protection Act

Photo of Wilson AngPhoto of Stella Cramer (SG)Photo of Jessica Paulin (SG)Photo of Jeremy Lua (SG)By Wilson Ang, Stella Cramer (SG), Jessica Paulin (SG) and Jeremy Lua (SG) on Posted in General
On 14 May 2020, the Singapore Ministry of Communications and Information (MCI) and the Personal Data Protection Commission of Singapore (PDPC) announced a public consultation (the Public Consultation) on the draft Personal Data Protection (Amendment) Bill (the Draft Bill) and related amendments to the Spam Control Act (SCA). The Public Consultation will take place from … Continue reading

Singapore’s new Cybersecurity Act comes into force: Here’s what you need to know

Photo of Stella Cramer (SG)Photo of Wilson AngPhoto of David Olds (SG)Photo of Jessica Paulin (SG)Photo of Jeremy Lua (SG)By Stella Cramer (SG), Wilson Ang, David Olds (SG), Jessica Paulin (SG) and Jeremy Lua (SG) on Posted in General
The much discussed Cybersecurity Act 2018 (Act. 9 of 2018) (the Act), which was passed by the Singapore Parliament on 5 February 2018, came into force on 31 August 2018 [1]. The new law creates a regulatory framework for the monitoring and reporting of cybersecurity threats to essential services in Singapore through the appointment of the … Continue reading

Singapore PDPC responds to feedback on public consultation on approaches to managing personal data

Photo of Stella Cramer (SG)Photo of Wilson AngPhoto of Jessica Paulin (SG)Photo of David Olds (SG)Photo of Jeremy Lua (SG)By Stella Cramer (SG), Wilson Ang, Jessica Paulin (SG), David Olds (SG) and Jeremy Lua (SG) on Posted in Compliance and risk management, Data breach, Regulatory response
On 1 February 2018, Singapore Personal Data Protection Commission (PDPC) released its response to feedback on its public consultation on approaches to managing personal data in the digital economy, which took place in Q3 2017 (the Public Consultation). The purpose of  the Public Consultation, was to seek public feedback on proposed changes to Singapore’s data … Continue reading

Singapore proposes changes to cybersecurity and data protection regimes

Photo of Stella Cramer (SG)Photo of Wilson AngPhoto of Magdalene Lie (UK)Photo of Jeremy Lua (SG)By Stella Cramer (SG), Wilson Ang, Magdalene Lie (UK) and Jeremy Lua (SG) on Posted in Cybercrime, Data breach
In a bid to keep pace with advancements in the technological landscape, the Singapore Government has in recent months embarked on public consultations on its draft Cybersecurity Bill (the Cyber Bill) and its proposed amendments to Singapore’s Personal Data Protection Act (PDPA) to update the country’s data protection regime. These changes will have a significant … Continue reading

Singapore – Comprehensive Cyber Bill Published For Consultation

Photo of Stella Cramer (SG)Photo of Wilson AngPhoto of Jeremy Lua (SG)By Stella Cramer (SG), Wilson Ang and Jeremy Lua (SG) on Posted in Compliance and risk management, Regulatory response
Overview: On 10 July 2017, the Singapore Government unveiled its draft Cybersecurity Bill (the Bill) and announced a public consultation to seek views and comments from the industry and members of public. The public consultation runs from 10 July to 3 August 2017.This Bill comes on the back of various moves by the Singapore Government … Continue reading

Singapore cybersecurity – new amendments introduce four key changes

Photo of Stella Cramer (SG)Photo of Wilson AngPhoto of Magdalene Lie (UK)Photo of Jeremy Lua (SG)By Stella Cramer (SG), Wilson Ang, Magdalene Lie (UK) and Jeremy Lua (SG) on Posted in General
Singapore’s Ministry of Home Affairs has announced amendments to the Republic’s cybersecurity laws, i.e. the Computer Misuse and Cybersecurity Act (CMCA), after a series of high-profile cyberattacks in recent years. The Computer Misuse and Cybersecurity Amendment Bill (the Bill), which will be discussed when Parliament sits on 3 April 2017, introduces four key changes to … Continue reading
LexBlog