We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byTristian Ottley
Modified about 1 year ago
Data Protection & Privacy in Singapore Presented By Goh Seow Hiong Deputy Director (Infocomm Devt Policy) Infocomm Development Authority of Singapore 27 March 2001 Confidential © IDA Singapore 2000 www.ida.gov.sg
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Overview 2 Privacy & Data Protection Not provided under constitution or general law BUT Public sector Strict laws protecting the confidentiality of data held by the government & statutory boards Private sector Sectoral privacy laws Industry codes of practice Common law Law of confidence
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Statutory Framework 3 Statutory framework covers both the public and private sectors (sectoral laws) Public sector Official Secrets Act Statistics Act Central Provident Fund Act Electronic Transactions Act etc. Private sector Computer Misuse Act Telecommunications Act & Telecom Competition Code Banking Act etc. More than 150+ laws with privacy provisions!
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Public Sector Framework 4 Official Secrets Act s 5 & Statutory Bodies and Government Companies (Protection of Secrecy) Act s 3 Information entrusted in confidence to a person owing to his official position must take reasonable care of the information must not retain if required lawfully to dispose of it Statistics Act Information on any individual obtained under the Act must not disclose without written consent of that person may disclose if it can be done without identifying the individual and Minister determines that an appropriate time has elapsed
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Public Sector Framework 5 Central Provident Fund Act s 59 Information acquired by employee in course of duty/employment must not, without lawful authority, communicate or publish to any person Electronic Transactions Act s 48 Information acquired through exercise of certain powers under the Act must not disclose except for lawful purposes eg. to prosecute offences under ETA Etc.
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Private Sector Framework - Regulatory 6 Computer Misuse Act s 3 Information or data held in any computer criminal offence to access without authority Telecommunications Act s 42 Information transmitted by telecommunications criminal offence to intercept without lawful authority IDA Code of Practice for Competition in the Provision of Telecom Services s 3.2.6 (mandatory code) End User Service Information e.g. end user’s calling patterns, billing address, credit history etc. licensee has duty to protect
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Private Sector Framework - Regulatory 7 Banking Act s 47 Particulars of account holder e.g. bank balance cannot divulge without the written permission of the customer Etc.
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Private Sector Framework - Self-Regulatory 8 Industry Codes of Practice regulate the professional conduct of members provide mechanisms for complaints handling and dispute resolution Examples of such Codes Direct Marketing Association of Singapore (DMAS) Code of Practice National Association of Travel Agents of Singapore (NATAS) Code of Practice National Internet Advisory Committee’s “Electronic Commerce Code for the Protection of Personal Information and Communications of Consumers of Internet Commerce” (1998)
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 E-Commerce Code 9 Background Published by National Internet Advisory Committee in Sept 1998 Voluntary scheme establishing standards of behaviour for ISPs and Internet content providers How it works Code is administered by a Compliance Authority (self- regulatory certification body) that grants the use of a “Privacy Code Compliance Symbol” to companies that comply with the Code CaseTrust became the 1st Compliance Authority in 1999
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 E-Commerce Code 10 Objectives of code To encourage use of the Internet for delivery of public services and e-commerce To provide minimum standards for the use and management of personal information of Internet users To protect the confidentiality of private communications To provide a channel for handling of complaints by consumers of Internet commerce relating to non- compliance with the Code
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Privacy Principles in Code 11 Confidentiality Must take reasonable steps to ensure confidentiality of users’ personal particulars Must not sell users’ personal particulars (unless as part of the sale of the business as a going concern) Collection and use Should collect and use users’ personal particulars only with users’ consent Should give the user an option as to whether the provider can send promotional materials to the user on behalf of third parties or release information to third parties for the purposes of sending such materials
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Privacy Principles in Code 12 Accuracy Must take reasonable steps to ensure that users’ personal particulars are accurate and kept up-to-date can be checked by the user upon request, and erased or rectified as requested by the user
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Enforcement & Compliance 13 Compliance Provider must establish operational procedures for compliance with the Code Sanctions Compliance Authority may investigate any complaint, and after giving the provider a reasonable opportunity to be heard dismiss the complaint give a warning to the provider revoke or suspend the provider’s right to use the “Privacy Code Compliance Symbol” publicise the non-compliance by the provider
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Law of Confidence 14 Background Right derives from common law and/or equity Covers trade secrets, state secrets and personal secrets Close analogy to property Elements of action Information has quality of confidence Information is imparted within a relationship of confidentiality Unauthorised use and disclosure
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Recent Developments 15 Worldwide devts More and more countries are enacting general data protection/privacy laws e.g. Chile, Australia, Canada Lack of consumer privacy is becoming a significant obstacle to e-commerce US studies: US$2.8 b in lost online sales in 1999, potential losses of up to US$18 b by 2002 (compared to projected total sales of US$40 b) Domestic devts IDA Consultation Paper on Building Trust and Confidence in Electronic Commerce general view - businesses are not doing enough to protect privacy half think this is impeding b2c e-commerce adoption Sanctions Compliance Authority may investigate any complaint, and after giving the provider a reasonable opportunity to be heard dismiss the complaint give a warning to the provider revoke or suspend the provider’s right to use the “Privacy Code Compliance Symbol” publicise the non-compliance by the provider
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Singapore’s Response 16 Educate industry on the need to do more to protect consumer privacy Set up National Trust Council to look into pertinent issues like trust marks, fraud management & best practices in e-business to implement National Trust Mark Programme to accelerate adoption of trust marks to appoint professional bodies as Authorised Code Owners (ACOs) to certify businesses with sound e-business security & privacy practices CASE appointed as the first ACO Set up inter-government agency task force to examine privacy issues comprehensively Leverage on industry-led activities to develop best practices & codes
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Conclusion 17 Multi-pillar approach to data protection & privacy Sectoral Laws Codes of Practice Common Law National Trust Council Data Protection Framework Industry Education
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 THANK YOU For more information http://www.ida.gov.sg http://ec.gov.sg 18
Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.
An Introduction to the Privacy Act Privacy Act 1993 Promotes and protects individual privacy Is concerned with the privacy of information about people.
The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.
6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.
Data Protection Act AS Module Heathcote Ch. 12.
Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.
FTAA Joint Government-Private Sector Committee of Experts on Electronic Commerce - Feb.15, 2002 Some views on consumer protection in the context of electronic.
Code of Conduct for Mobile Money Providers 6 November 2014 All material © GSMA The policy advocacy and regulatory work of the GSMA Mobile Money team.
Per Anders Eriksson
The right item, right place, right time. DLA Privacy Act Code of Fair Information Principles.
Intellectual Property. Confidential Information Duty not to disclose confidential information about a business that would cause harm to the business or.
PROTECTION OF PERSONAL DATA. OECD GUIDELINES: BASIC PRINCIPLES OF NATIONAL APPLICATION Collection Limitation Principle There should be limits to the collection.
Managing Personal Information - Australian Companies Outsourcing to India and the Philippines Professor Margaret Jackson and Marita Shelly.
Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.
APEC Privacy Framework “The lack of consumer trust and confidence in the privacy and security of online transactions and information networks is one element.
Compliance and Regulation for Mobile Solutions Amanda J. Smith Messick & Lauer, P.C. May 16, 2013.
PART FOUR – COMMERCIAL LEGISLATION in the UAE Legislative Structures affecting business in the UAE: An Overview Ch 16.
Overview of Engagement – Under the terms of this engagement, the Advisor will provide advice in the areas checked below. Investment Management – Develop.
1. 2 CVM’s OBJECTIVES u to stimulate the creation of savings and their investment in securities; u to promote the expansion and regular and efficient.
Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.
IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.
Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.
CODE OF ETHICS South Australian Public Sector Public Sector Act, 2009.
DON Code of Privacy Act Fair Information Principles DON has devised a list of principles to be applied when handling Protected Personal Information (PPI).
Confidentiality of Government Records and Reasons for Refusal Presentation to Boards and Committees 18 th November 2008 Carole Excell FOI Unit.
Functioning as a Business Associate Under HIPAA William F. Tulloch Director, PCBA March 9, 2004.
1 Click to Check Public FTAA.ecom/inf/122 February 13, 2002 Original: English.
Managing Risks Associated With Privacy Alison Baker- Senior Associate Hall & Wilcox 24 November
HIPAA Overview Why do we need a federal rule on privacy? Privacy is a fundamental right Privacy can be defined as the ability of the individual to determine.
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Ch 8 Privacy Law and HIPAA.
ITU Regional Seminar on E-commerce Bucharest, Romania May 2002 National E-commerce Strategies for Development Dr. Susanne Teltscher United Nations.
Eric J. Pritchard One Liberty Place, 46 th Floor 1650 Market Street Philadelphia, Pennsylvania (215)
1 Review of the Electronic Transactions Ordinance Information Infrastructure Advisory Committee 9 April 2002.
Introduction Data protection is relevant to every individual, business or organisation today, not just Local Government. As well as protecting privacy,
The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;
FAQs about the new regulatory framework Lucy Rhodes
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
1 Freedom of Information (Scotland) Act 2002 A strategic view.
PRESENTATION TO PARLIAMENTARY PORTFOLIO COMMITTEE ON THE ICASA BILL BY SENTECH LIMITED 24 th October 2005.
AN OVERVIEW OF DATA PROTECTION LAW IN THE GCC NICK OCONNELL, Senior Associate – TMT JUNE 2013.
1 Planning & Developing Copyright Policies in the Countries: Pending Issues Malaysia WIPO Study Visit to the Copyright Commission of Korea 19 – 23 November.
Institutional Telecomms and Computer Network Monitoring Andrew Charlesworth University of Bristol 10 June 2002.
Financial Services Privacy - the interaction of the privacy and financial services regulatory systems Chris Connolly Financial Services Consumer Policy.
Promoting Objectivity in Research by Managing, Reducing, or Eliminating Conflicts of Interest UT HOP UT HOP The University of Texas at Austin.
The Protection of Personal Information Bill 13 February
Tax Information Exchange Agreements Formal Ratification 2011.
1 OVERVIEW PRESENTATION FREEDOM OF INFORMATION (SCOTLAND) ACT 2002.
Data Protection and Records Management. Layout of Presentation Background to Data Protection Role of Data Protection Commissioner Principles of Data Protection.
Medical Law and Ethics, Third Edition Bonnie F. Fremgen Copyright ©2009 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved.
© 2017 SlidePlayer.com Inc. All rights reserved.