Singapore Updates Personal Data Protection Law

Data Protection

Personal Data Protection Act Amended By Parliament

Singapore has updated its Personal Data Protection Act (PDPA) to allow local businesses to use consumer data without consent in advance for some purposes.

The PDPA became law in Singapore law in 2012. The legislative amendments have been tabled following a public joint consultation on proposals for reform earlier this year by The Ministry of Communications and Information and the Personal Data Protection Commission (PDPC).

Parliament passed the amendments to the PDPA on Monday, November 2, 2020. Under the PDPA’s “exceptions to the consent requirement”, personal data can be used, collected or disclosed without consent by business for anomaly detection in payment systems for preventing fraud or money laundering; improving products, or conducting market research. The amended PDPA will allow organisation to share data with different contractors in order to fulfil contracts under “deemed consent”, including consent by notification.

Source: Bryan Tan | Pinsent Masons