Your Authoritative Source on Singapore Law

Information Management – Towards Consumer Data Protection Legislation in Singapore

Ter Kah Leng

(2012) 24 SAcLJ 143

Abstract:
Information privacy is commonly protected in three ways. The first is a mandatory legislative framework which allows organisations to collect and hold data, subject to certain legal obligations, while protecting the rights of individuals to information privacy (data protection). The second is a co-regulatory scheme administered by the Government and industry. The third comprises industry-based, self-regulatory codes which are voluntary business initiatives, not laws. Singapore is proposing general base-line data protection legislation applicable only to the private sector which will operate alongside existing sector-specific statutes that govern certain public and commercial sectors. The long awaited Consumer Data Protection Bill is expected in 2012, after five years of an inter-ministry review. This is long overdue in view of global commerce and networks and the prevalence of data protection laws in many countries, among which are Singapore’s major trading partners. This article will review the limited data protection that Singapore offers prior to the proposed legislation, trace the reasons in support of specific laws and suggest how the proposed framework could benefit from the experience of well-respected international and national initiatives in the area of information privacy.