This post is also available in: 简体中文 (Chinese (Simplified))

Legal Help in Personal Data Protection

Nowadays, more and more people are shopping online and joining social media sites that require sharing of personal information, therefore the potential for hackers to access and use their personal data for financial gain has never been greater. As such, the awareness of what personal data is, their abuse and rights to protect their personal data is rising.


Personal Data and Personal Data Protection Act at a Glimpse

Personal data refers to data about an individual who can be identified from that data; or from the information combined with any other information that is in the possession of the person or organisation holding the information. Basic personal data includes name, address, date of birth, telephone numbers, and bank account details. In Singapore, the Personal Data Protection Act (PDPA) develops a data protection law that involves different rules in governing the collection, use, disclosure and care of personal data.


How does the Personal Data Protection Act Works?

The PDPA ensure a baseline standard of protection for personal data with its regulatory frameworks, with the key obligations such as consent, purpose, notification, access and so on, which means that an organisation may collect, use or disclose personal data only with the individual’s knowledge and consent.


The Breaching of Personal Data

Came into full effect on July 2, 2014, the PDPA requires all organizations that collect, use or disclose personal data in Singapore must comply with the act. The PDPA establishes rules and regulations including obligations on the data controller and the consent of data subjects; rights to access [personal data] as well as security requirements.

As such, stricter rules have been imposed to prevent the breaching of personal data. The Do Not Call Registry (the DNC Registry) is one of the measurements to protect individuals whereby organizations are prohibited from sending marketing messages, be it the voice calls, text or fax messages, to Singapore telephone numbers registered with the DNC Registry. Any organisation found guilty of violating the rules will face a financial penalty up to $10,000 per message sent.

We can see that the recent trend of large-scale personal data breaches is indicating that no organisation that collects or processes personal data, is immune from data security risks, especially in cyberspace.

If you have questions about personal data protection, especially in legal action, be it you are unsure of how the PDPA works or ways to prevent leak of personal data in your company, our professional team will take a holistic, strategic approach to looking at the data breach problem. What’s more, our affiliate lawyer will help you to deal with regulator and setup data protection system. Please do not hesitate to contact us today for more information.