SMU Lexicon: Consent and Personal Data – Charting the Differences between the PDPA and GDPR

Reading Time: 10 minutesIntroduction Over the past few years, techniques to refine and process data have been developed and honed. Whether it is developments in machine learning or the internet-of-things, the invention of these technologies has made data a valuable and strategic commodity.[1] Given the importance and value of data to commercial operations, this has led to the […]

What is the role of cyber insurance in data protection?

Reading Time: 14 minutesINTRODUCTION As our world becomes ever more digitalised and data-driven, cyberattacks and data security breaches have surfaced as prominent threats to businesses and individuals alike. The increasing emergence of threats originating in the digital space has rendered the conduct of business more complex by necessitating the urgent adoption of new cybersecurity and data protection measures. […]

What marketers and business owners should know about the Thailand’s Personal Data Protection Act (PDPA)?

Reading Time: 5 minutesThailand has adopted the principals of the EU General Data Protection Regulation (“GDPR”). The Personal Data Protection Act (“PDPA”) legislation was approved and published in the Royal Gazette on May 27, 2019. A one-year grace period has been given, while the committee and office are being formed, so there is only a short time to […]

Media Law 101: Do you need permission to take photos?

Reading Time: 5 minutesIn today’s day and age, taking a photo is as easy as whipping out your mobile phone from your pocket and snapping a still image, or recording a moment. Increasingly, one’s personal data might not be so personal anymore. The Personal Data Protection Act 2012 (No. 26 of 2012) (“PDPA”) thus concretised a general data […]

HONG KONG: Court of Final Appeal confirms “obtaining access to computer with a view to dishonest gain” should not apply to a person’s own devices

Reading Time: 4 minutesIntroduction The wide interpretation of the charge of “obtaining access to computer with a view to dishonest gain for himself or another” under section 161(1)(c) of the Crimes Ordinance (Cap 200) (the “s.161(1)(c) Charge”) was considered in the Court of First Instance (“CFI”) in Secretary for Justice v Cheng Ka Yee and others[2018] HKCFI 1809, which was […]

Cybersquatting in 2019 Series : New Challenges for Business

Reading Time: 6 minutesIn this series, we will look at the everchanging world of cybersquatting and how companies should be approaching the issue in 2019. Cybersquatting has been a problem for businesses since the nineties but, following a number of recent events, companies (and their customers) are more vulnerable than ever before. Take, for example, the introduction of […]

Synergy between Blockchain Technology and Data Portability

Reading Time: 7 minutesSingapore’s Personal Data Protection Act (“PDPA”) is currently under review. In 2017, the Personal Data Protection Commission (“PDPC”) launched a public consultation on proposed amendments relating to the general concepts of collection, use and disclosure on personal data, and notifications of data breaches. Separately, the PDPC and Competition and Consumer Commission of Singapore (“CCCS”) jointly […]

HONG KONG: Can an internal non-legal representative of a litigant be a member to a confidentiality ring?

Reading Time: 4 minutesIntroduction Taching Petroleum Company Limited (“Taching”) and Shell Hong Kong Limited (“Shell”) have respectively sold industrial diesel oil to Meyer Aluminium Limited (“Meyer”) and sue for the diesel oil purchase price. In its defence, Meyer argued that Taching and Shell have colluded to fix the price or exchanged price information in breach of the First […]

PDPA Update: Can businesses collect my NRIC number, or retain my NRIC?

Reading Time: 5 minutesThis article aims to provide an overview of the NRIC advisory guidelines[1] that is effective on 1 September 2019 (“New Guidelines”) under the Personal Data Protection Act[2] (“PDPA”) and the practical issues that organisations may encounter in relation to the New Guidelines.   An overview of the PDPA and the New Guidelines  The PDPA and what it […]

Identity theft: What can you do? What does it mean to have your identity taken?

Reading Time: 5 minutesA recent survey by cyber security company McAfee found that only one in three Singaporeans ranked protecting their identity as their top cyber security priority. In today’s age of technology, people have become all the more vulnerable to cybercrimes, with identity theft being especially prevalent. Anyone can be a victim of identity theft, yet so […]

The Case of “I did not know that I needed a Personal Data Protection Policy in My Organisation”

Reading Time: 5 minutesThe “I did not know!” Defence and “Do I really need not have A Personal Data Protection Policy in My Organisation, I didn’t think I needed it”? That is exactly what the management of “Bud Cosmetics Pte Ltd” (“Bud Cosmetics”) told the Commissioner of the Personal Data Protection Commission in Re Bud Cosmetics Pte Ltd [2019] […]