Tag Archives: PDPC

Towards the end of last year The Straits Times reported that 90 per cent of mobile apps in Singapore (including those from banks, telcos, real estate agents and financial advisers) do not adequately comply with data protection laws in Singapore. The concern continues this year in another article in the Straits Times. This topic is important. In today's online world, it is worrying to hear about such a high level of non-compliance.  In this post we look at the issues of non-compliance and provide our top tips to help app-makers in 2016. Why are apps still not in compliance? There are two key areas where apps are not in compliance:
  1. Lack of transparency: Apps are not providing app users with clear information about what data is collected and are not obtaining informed consent from app users.
  2. Data maximisation: Apps are collecting more data than they really need. It doesn't take much of a leap … Continue Reading ››
Singapore's Personal Data Protection Commission (PDPC) has been busy.  It has just published a number of new resources to help businesses comply with the Personal Data Protection Act.  Here are the three we have identified as having the biggest practical application for companies in Singapore:
  1.  Sample clauses and guidance for marketing consents.  For companies collecting data for marketing purposes, these standard clauses will help.  They cover a broad range of scenarios, including consent in the context of membership applications and lucky draws, and language for the withdrawal of consent.  The PDPC has also published some guidance to support the sample clauses.
  2. Guide to securing data "in electronic medium".  For organisations which store data in an electronic format (so, pretty much everyone), these guidelines list certain specific IT security measures that can be implemented to enhance security, split into "good practice" and "enhanced practice".
  3. Guide to managing data breaches.  The PDPC … Continue Reading ››