New Fines for Personal Data Protection Act Violations
From 1 October 2022, companies that breach the Personal Data Protection Act 2012 (PDPA) may face fines of up to:
- SGD 1 million; or
- where the organisation’s annual turnover in Singapore exceeds SGD 10 million, 10% of the organisation’s Singapore turnover.
Penalties imposed under the PDPA could potentially be more stringent compared to the GPDR, which currently imposes fines of up to €20 million or 4% worldwide turnover, whichever is higher.
Given these higher financial penalties, organisations collecting, using, or disclosing personal data in Singapore are recommended to carefully review their existing data protection programmes and processes to ensure compliance with the PDPA. read more