Singapore’s New Data Laws Lend a Competitive Advantage

Singapore has consistently kept abreast of changing data privacy laws over the past decade. Now, its Personal Data Protection Commission has updated data privacy protection laws to give itself broader enforcement power and mandate breach notifications. And notably, intentional and accidental mishandling of data will now be categorized as a criminal offense in Singapore.

Other updates include granting consumers the right to know if their data is accurate, and how it is used and sold. Consent must be obtained to use or sell data, and must meet the requirement of legitimate use as outlined by the PDPC. Additionally, organizations must appoint a Data Protection Officer (see ADCG’s hiring guide here) and refrain from marketing to consumers to individuals registered with a Do Not Call registry. And of course, data must be kept secure.

In addition to categorizing mishandling as a criminal offense, the PDPC plans to raise fines–by February 2022, violators could pay up to $1 million or 10% of annual gross income.

The updates come for a country that is one of the global leaders in per-capita income–JD Supra reports that Singapore’s new data privacy protection laws are motivated by a desire to stay competitive: “While most of Europe has human rights as the basis of its data protection laws, Singapore’s laws are centered around securing the country’s place in the global economic marketplace. Singapore is one of the world’s leaders in per capita income, has the highest percentage of millionaires in the world and has the highest ratio of trade to GDP in the world.”

Getting serious about data privacy can certainly be viewed as a global sign of how smaller organizations should view data privacy–as a competitive advantage.