Reed Smith Client Alerts

Eight years have passed since the enactment of Singapore’s comprehensive data protection law, the Personal Data Protection Act 2012 (PDPA). 

On May 14, 2020, a public consultation paper and accompanying Personal Data Protection (Amendment) Bill (Amendment Bill) were published, to solicit feedback on several proposed revisions to the PDPA. 

The consultation closed on May 28, 2020, with 70 responses received from organizations and 17 from individuals.

Auteurs: Carolyn Chia (Resource Law LLC)

What are the changes proposed by the Amendment Bill? 

The proposed changes are significant. Key amendments include: 

  1. Increased financial penalties for contraventions of the PDPA
  2. Mandatory data breach notification 
  3. Revised consent framework 
  4. New data portability obligation 
  5. Enhanced rules on telemarketing and spam
  1. Increased financial penalties for contraventions of the PDPA

There will be an increase in the financial penalty that the Personal Data Protection Commission (Commission) can impose on an organization that infringes the PDPA. Previously, there was a maximum cap of SGD 1 million. 

The Amendment Bill proposes to raise that cap to 10 percent of the gross annual turnover in Singapore of an organization, if its annual turnover exceeds SGD 10 million; or SGD 1 million, whichever is higher.