In a recent decision (the Decision),[1] the Personal Data Protection Commission (PDPC) considered for the first time a company’s reliance on the Legitimate Interests Exception (as defined below) under the Personal Data Protection Act 2012 (PDPA) when the consent procured is invalid. The General Legitimate Interests Exception The general Legitimate Interests Exception was introduced to … Continue reading
With the year 2022 firmly in the rear view, and as we look to start the new year in 2023, Norton Rose Fulbright’s Regulatory Compliance and Investigations team looks back and rounds up the five key cyber and data protection developments that took place in Southeast Asia in 2022. Enhanced financial penalties under the … Continue reading
As Singapore takes its next step towards living with COVID-19, the Ministry of Manpower (“MOM”), the Singapore National Employers Federation (SNEF) and the National Trades Union Congress (NTUC) (collectively, the “Tripartite Partners”) have issued a revised set of guidelines for employers on the COVID-19 measures to be implemented at the workplace applicable from 26 April … Continue reading
As part of Singapore’s move towards living with COVID-19 as an endemic disease, the country has been making efforts to re-open its economy. In order to facilitate the safe re-opening of the economy, the Ministry of Manpower (“MOM”) and the Tripartite Alliance for Fair and Progressive Employment Practices (“TAFEP”) have collectively issued guidance for employers … Continue reading
The Singapore High Court and the Hong Kong District Court have both considered the right to compensation for injury to feelings in two recent cases involving misuse of personal data but arrived at different conclusions. Singapore: In Bellingham, Alex v. Reed, Michael, Mr. Bellingham obtained the email addresses of his former employers’ customers without their … Continue reading
On 29 January 2021, the Personal Data Protection Commission (PDPC) announced that certain sections of the Personal Data Protection (Amendment) Act 2020 (the PDPA Amendments) will take effect from 1 February 2021 – please see PDPC’s announcement; the gazetted Commencement Notification. This legal update provides a high-level summary of the PDPA Amendments that have taken … Continue reading
Following the Singapore Ministry of Communications and Information (MCI) and the Personal Data Protection Commission of Singapore (PDPC) public consultation in May this year (Public Consultation), the Personal Data Protection (Amendment) Bill (Bill) was introduced and had its first reading in Parliament on 5 October 2020. The Bill introduces five key changes to the Personal … Continue reading
On 14 May 2020, the Singapore Ministry of Communications and Information (MCI) and the Personal Data Protection Commission of Singapore (PDPC) announced a public consultation (the Public Consultation) on the draft Personal Data Protection (Amendment) Bill (the Draft Bill) and related amendments to the Spam Control Act (SCA). The Public Consultation will take place from … Continue reading
On 21 January 2020 at a meeting at the World Economic Forum, the Personal Data Protection Commission (PDPC) and Infocommunications Media Development Authority (IMDA) released the second edition of its Model Artificial Intelligence (“AI”) Governance Framework (“Model Framework”).… Continue reading
The much discussed Cybersecurity Act 2018 (Act. 9 of 2018) (the Act), which was passed by the Singapore Parliament on 5 February 2018, came into force on 31 August 2018 [1]. The new law creates a regulatory framework for the monitoring and reporting of cybersecurity threats to essential services in Singapore through the appointment of the … Continue reading
On 1 February 2018, Singapore Personal Data Protection Commission (PDPC) released its response to feedback on its public consultation on approaches to managing personal data in the digital economy, which took place in Q3 2017 (the Public Consultation). The purpose of the Public Consultation, was to seek public feedback on proposed changes to Singapore’s data … Continue reading
The Singapore Parliament passed the much discussed Cybersecurity Bill (the Bill) on 5 February 2018 and it is anticipated that the new law will come into force soon.… Continue reading
In a bid to keep pace with advancements in the technological landscape, the Singapore Government has in recent months embarked on public consultations on its draft Cybersecurity Bill (the Cyber Bill) and its proposed amendments to Singapore’s Personal Data Protection Act (PDPA) to update the country’s data protection regime. These changes will have a significant … Continue reading
Overview: On 10 July 2017, the Singapore Government unveiled its draft Cybersecurity Bill (the Bill) and announced a public consultation to seek views and comments from the industry and members of public. The public consultation runs from 10 July to 3 August 2017.This Bill comes on the back of various moves by the Singapore Government … Continue reading
Singapore’s Ministry of Home Affairs has announced amendments to the Republic’s cybersecurity laws, i.e. the Computer Misuse and Cybersecurity Act (CMCA), after a series of high-profile cyberattacks in recent years. The Computer Misuse and Cybersecurity Amendment Bill (the Bill), which will be discussed when Parliament sits on 3 April 2017, introduces four key changes to … Continue reading