We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byTristian Ottley
Modified about 1 year ago
Data Protection & Privacy in Singapore Presented By Goh Seow Hiong Deputy Director (Infocomm Devt Policy) Infocomm Development Authority of Singapore 27 March 2001 Confidential © IDA Singapore 2000
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Overview 2 Privacy & Data Protection Not provided under constitution or general law BUT Public sector Strict laws protecting the confidentiality of data held by the government & statutory boards Private sector Sectoral privacy laws Industry codes of practice Common law Law of confidence
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Statutory Framework 3 Statutory framework covers both the public and private sectors (sectoral laws) Public sector Official Secrets Act Statistics Act Central Provident Fund Act Electronic Transactions Act etc. Private sector Computer Misuse Act Telecommunications Act & Telecom Competition Code Banking Act etc. More than 150+ laws with privacy provisions!
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Public Sector Framework 4 Official Secrets Act s 5 & Statutory Bodies and Government Companies (Protection of Secrecy) Act s 3 Information entrusted in confidence to a person owing to his official position must take reasonable care of the information must not retain if required lawfully to dispose of it Statistics Act Information on any individual obtained under the Act must not disclose without written consent of that person may disclose if it can be done without identifying the individual and Minister determines that an appropriate time has elapsed
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Public Sector Framework 5 Central Provident Fund Act s 59 Information acquired by employee in course of duty/employment must not, without lawful authority, communicate or publish to any person Electronic Transactions Act s 48 Information acquired through exercise of certain powers under the Act must not disclose except for lawful purposes eg. to prosecute offences under ETA Etc.
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Private Sector Framework - Regulatory 6 Computer Misuse Act s 3 Information or data held in any computer criminal offence to access without authority Telecommunications Act s 42 Information transmitted by telecommunications criminal offence to intercept without lawful authority IDA Code of Practice for Competition in the Provision of Telecom Services s (mandatory code) End User Service Information e.g. end user’s calling patterns, billing address, credit history etc. licensee has duty to protect
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Private Sector Framework - Regulatory 7 Banking Act s 47 Particulars of account holder e.g. bank balance cannot divulge without the written permission of the customer Etc.
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Private Sector Framework - Self-Regulatory 8 Industry Codes of Practice regulate the professional conduct of members provide mechanisms for complaints handling and dispute resolution Examples of such Codes Direct Marketing Association of Singapore (DMAS) Code of Practice National Association of Travel Agents of Singapore (NATAS) Code of Practice National Internet Advisory Committee’s “Electronic Commerce Code for the Protection of Personal Information and Communications of Consumers of Internet Commerce” (1998)
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 E-Commerce Code 9 Background Published by National Internet Advisory Committee in Sept 1998 Voluntary scheme establishing standards of behaviour for ISPs and Internet content providers How it works Code is administered by a Compliance Authority (self- regulatory certification body) that grants the use of a “Privacy Code Compliance Symbol” to companies that comply with the Code CaseTrust became the 1st Compliance Authority in 1999
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 E-Commerce Code 10 Objectives of code To encourage use of the Internet for delivery of public services and e-commerce To provide minimum standards for the use and management of personal information of Internet users To protect the confidentiality of private communications To provide a channel for handling of complaints by consumers of Internet commerce relating to non- compliance with the Code
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Privacy Principles in Code 11 Confidentiality Must take reasonable steps to ensure confidentiality of users’ personal particulars Must not sell users’ personal particulars (unless as part of the sale of the business as a going concern) Collection and use Should collect and use users’ personal particulars only with users’ consent Should give the user an option as to whether the provider can send promotional materials to the user on behalf of third parties or release information to third parties for the purposes of sending such materials
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Privacy Principles in Code 12 Accuracy Must take reasonable steps to ensure that users’ personal particulars are accurate and kept up-to-date can be checked by the user upon request, and erased or rectified as requested by the user
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Enforcement & Compliance 13 Compliance Provider must establish operational procedures for compliance with the Code Sanctions Compliance Authority may investigate any complaint, and after giving the provider a reasonable opportunity to be heard dismiss the complaint give a warning to the provider revoke or suspend the provider’s right to use the “Privacy Code Compliance Symbol” publicise the non-compliance by the provider
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Law of Confidence 14 Background Right derives from common law and/or equity Covers trade secrets, state secrets and personal secrets Close analogy to property Elements of action Information has quality of confidence Information is imparted within a relationship of confidentiality Unauthorised use and disclosure
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Recent Developments 15 Worldwide devts More and more countries are enacting general data protection/privacy laws e.g. Chile, Australia, Canada Lack of consumer privacy is becoming a significant obstacle to e-commerce US studies: US$2.8 b in lost online sales in 1999, potential losses of up to US$18 b by 2002 (compared to projected total sales of US$40 b) Domestic devts IDA Consultation Paper on Building Trust and Confidence in Electronic Commerce general view - businesses are not doing enough to protect privacy half think this is impeding b2c e-commerce adoption Sanctions Compliance Authority may investigate any complaint, and after giving the provider a reasonable opportunity to be heard dismiss the complaint give a warning to the provider revoke or suspend the provider’s right to use the “Privacy Code Compliance Symbol” publicise the non-compliance by the provider
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Singapore’s Response 16 Educate industry on the need to do more to protect consumer privacy Set up National Trust Council to look into pertinent issues like trust marks, fraud management & best practices in e-business to implement National Trust Mark Programme to accelerate adoption of trust marks to appoint professional bodies as Authorised Code Owners (ACOs) to certify businesses with sound e-business security & privacy practices CASE appointed as the first ACO Set up inter-government agency task force to examine privacy issues comprehensively Leverage on industry-led activities to develop best practices & codes
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 Conclusion 17 Multi-pillar approach to data protection & privacy Sectoral Laws Codes of Practice Common Law National Trust Council Data Protection Framework Industry Education
Data Protection & Privacy in Singapore 27 Mar 01 Copyright © IDA Singapore 2001 THANK YOU For more information 18
DATA PROTECTION BILL PRESENTED BY GERTRUDE M. IMBWAE National Legal Expert On Data Protection.
1 DATA PROTECTION FREEDOM OF INFORMATION AND CONTRACTS training for GOLDSMITHS COLLEGE by Sue Cullen Amberhawk Training Limited July 2010
HIPSSA Support for Harmonization of the ICT Policies in Sub-Sahara Africa 28/29 August, 2013, Swaziland.
International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa Meeting with Data Protection Law.
Copyright 2001 Brett J. Trout Security Concerns with e-Commerce Bretttrout.com.
Information Law/ Data Protection Briefing 2007 Keith G Fraser University Records Manager.
Legal Framework Chapter 5. Learning outcomes Explain difference between patent and copyright Computer Miss use Act List 8 principles of Data protection.
1 Establishing Trust in Electronic Commerce With Special Reference to Consumer Data Protection and Privacy Trevor R. Stewart New Orleans, August 1998.
The Legal Framework for Creating Trust in Cyberspace: Security and Privacy Skopje March 2006 James X. Dempsey Center for Democracy & Technology Global.
Protecting Patient Privacy: HIPAA Guidelines for Health Care Providers.
The Council of European Geodetic Surveyors Comité de Liaison des Géomètres Européens CLGE – General AssemblyCzech Republic, Prague 29 Feb – 1 March 2008.
Essentials in a Borderless World: United States and European Union Perspectives Kenneth Slade Senior Partner, Hale and Dorr LLP Boston, Massachusetts,
Qatar Financial Centre Regulatory Authority OVERVIEW OF THE QFC / CFT AML REGIME Date: 9 June 2010 By: Shaun Swan, Associate Director Joy Smallwood (IMF.
Institutional Telecomms and Computer Network Monitoring Andrew Charlesworth University of Bristol 10 June 2002.
« In Confidence » Putting in Place a Trade Secret Protection Program in an SME Najmia Rahimi Senior Program Officer, SMEs Division, World Intellectual.
Copyright Davis Wright Tremaine LLP - Jan Working with the HIPAA Privacy Manual and Forms --- HIPAA Summit West II Clark Stanton & Tom Jeffry Davis.
Data Protection Update 15 May 2014 Mairead O’Reilly Joanna Stokes.
Basel Committee Guidance on Corporate Governance for Banks Eurasian Corporate Governance Roundtable Task Force on Corporate Governance of Banks in Eurasia.
The Importance of Trade Secrets for Businesses Small and Medium Sized Enterprises (SMEs) Division World Intellectual Property Organization (WIPO)
WIPO ASIA SUB-REGIONAL WORKSHOP ON THE USE OF INTELLECTUAL PROPERTY (IP) BY SME SUPPORT INSTITUTIONS FOR THE PROMOTION OF COMPETITIVENESS OF SMEs IN THE.
IP Audit "We're in an object-oriented, outsourced, and open-sourced world, and organizations are anxious to take steps to ensure that the software they.
Company LOGO Data Protection Fundamentals Sensitisation MQA By : Mrs. Pravina DODAH Mr. Hemrajsingh BHUGOWON Date : 09 Nov 2012.
1 NAESB Data Privacy Task Force February 16, 2011.
PLANNING THE AUDIT Individual audits must be properly planned to ensure: Appropriate and sufficient evidence is obtained to support the auditors opinion;
A Business-Oriented Overview of IP for Law and Management Students Geneva, May 29-31, 2007 Small and Medium-Sized Enterprises (SMEs) Division World Intellectual.
HIPAA Training: Ensuring Privacy for our Patients Privacy Training for Harvard Medical Students.
International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Meeting with the Tanzanian ICT.
Title Insurance and Settlement Company Best Practices American Land Title Association.
1 HIPAA Privacy Basics Presented by: Michele A. Masucci Harvey Z. Werblowsky McDermott, Will & Emery October 30, 2002.
Communication for the open minded Study on user identification methods in card payments, e-payments and mobile payments Summary of recommendations (WP5)
© 2016 SlidePlayer.com Inc. All rights reserved.