Black Logo

Our site uses cookies to give you the best user experience and to collect and share information for analytics, advertising and personalization on this and other sites. Please select whether you consent to our use of cookies and related technologies (“Cookies”), as described in our Cookie Policy. You can return at any time from the same web browser to update your preferences. Please note that resetting your browser’s cookies will reset your preferences. You can control the use of some types of cookies through the Cookie Settings below, but note that if you choose to disable certain cookies, it may limit your use of certain features or functions on our services and websites.

Privacy Policy
Strictly Necessary Cookies

These cookies are required to enable core site functionality.

Functionality Cookies

Functionality cookies allow us to provide enhanced and more personalized content and features. In order to permit your connection our website, our servers receive and record information about your computer and browser, potentially including your IP address, browser type, and other software or hardware information. All of these features help us to improve your visit and assist in navigation of the sites’ features.

Analytics Cookies

We and our service providers may use analytics cookies, which are sometimes called performance cookies, to collect information about your use of our website, for instance, which pages you go to most. The information allows us to see the overall patterns of usage, help us record any difficulties users may have while using our website and can show us whether or not our advertising is effective.

Advertising And Targeting Cookies

We may use third party advertising and targeting cookies to correlate your use of our website to personal information obtained about you so that we may more clearly target the information we provide you to the specific items we think you will find interesting, based on your prior online activities and preferences. We also may use these cookies to deliver ads that we believe are relevant to you and your interests.

For more information, view our Cookie Policy


What You Should Know About Singapore's New Stricter Data Privacy Laws

Legility 07 / 20 / 21

Singapore’s Personal Data Protection Commission (PDPC) has updated legislation on how the country will manage data privacy and protections. These new laws include allowing wider enforcement controls for the PDPC, instituting mandatory notifications when data is breached and making the mishandling of data a criminal offense.

This means that if an information collector mishandles personal data in Singapore, either intentionally or accidentally, they open themselves to risk. They may be criminally prosecuted, and if found guilty, face cash fines and imprisonment.

You may wonder why many legal eyes are focused on a country that is only 276 square miles wide and is only about to celebrate its 56th year as a nation, but there are several key reasons for this interest. While most of Europe has human rights as the basis of its data protection laws, Singapore’s laws are centered around securing the country’s place in the global economic marketplace. Singapore is one of the world’s leaders in per capita income, has the highest percentage of millionaires in the world and has the highest ratio of trade to GDP in the world.

Data protection encourages worldwide investment

Singapore has been working on data protection laws for the last 10 years and has been continuously updating regulations throughout the decade. The original PDP law was drawn up in 2012 and was ratified in July of 2014. To comply with the law, companies doing business in Singapore must:

  • Notify their customers if their data is being disclosed, collected or used, and only use that data for the purposes defined.
  • Ensure consent has been granted by individuals before collecting, using or disclosing their data. According to attorneys at Latham & Watkins LLP, the new amendments from this past February include provisions for implied consent of information release and some exceptions to the PDPA consent requirements, such as “legitimate interests” and “business improvement” exceptions.
  • Upon request, an organization must be able to provide information on how a customer’s data has been used in the past 12 months.
  • Ensure personal data is complete and accurate.
  • Ensure data is kept secure from unauthorized access, modification, use, disclosure.
  • Data should only be retained when needed and should be destroyed when no longer needed.
  • Ensure that overseas external organizations provide a comparable standard of protection.
  • Designate a Data Protection Officer (DPO) and publish his/her business contact information. PDP policies should be made available to the public and employees.
  • Not send marketing messages to individuals who are registered in a National DNC (Do Not Call) registry.

Singapore has been working on data protection laws for the last 10 years and has been continuously updating regulations throughout the decade.

Singapore wants the trust of the global market

In short, companies doing business in Singapore must find a balance between respecting an individual’s right to data privacy and the organization’s use of data for legitimate business activities. PDPC Commissioner Chuen Hong Lew has said that when data breaches happen, “it is not only personal data that is lost. Reputations of individuals and organizations are involved as well.”

The PDPC is also moving toward further punitive reprisals if data is leaked or lost. Aside from criminal charges, offenders may be given higher financial penalties based on the seriousness of the data breach and the level of harm caused by the leak. By February 2022, it could cost data breach violators up to $1 million (Singapore currency) or 10% of their annual gross income.

Data portability rules are also on the horizon. This new obligation lets individuals request a copy of their personal data to be transmitted in a commonly used machine-readable format to another organization, enabling consumers to switch to new service providers more easily.

What to watch for next: Data protection in Singapore

If your company works in Singapore, or has an office there, it’s crucial to be aware of the new regulations and to safeguard all data that you collect and hold. It’s important to understand all the nuances of data protection exceptions as well, such as the allowances for business improvements and legitimate interests.

Legility helps legal teams navigate regulatory landscape changes faster and better. We can assist with:

  • Delivering specialized legal technology, expertise, and workflows for a swiftly changing technology and global regulatory environment.
  • Developing innovative ways to optimize for compliance, reduce legal costs, align IT, reduce risks, and plan for evolving regulatory environments.
  • Advising on and implementing legal strategies that help you reduce risk, contain legal costs, and ensure your organization is poised to seize new opportunities.

CCPA compliance requires a plan, a process, and the resources to make it happen. Get what you need here.

Legility is a legal services company providing data hosting and management, technology-enabled services, consulting, flexible legal talent, and managed review services to in-house law departments and law firms. Legility is not, and none of its affiliates are, a law firm and does not provide legal advice as part of its services and nothing contained herein should be construed as such.

Contact Legility experts today.

About the author


Legility, a leading provider of technology-enabled legal services, provides consulting, technology, managed solutions, and flexible legal talent to corporations and law firms. The company has more than 1,000 lawyers, engineers, consultants, technology and data specialists, and operational experts serving more than one-third of the Fortune 100 and one-quarter of the Am Law 200. Legility helps its clients improve operational efficiency. By combining people, processes, and technology, Legility offers innovative and bundled solutions that align with how the legal market is increasingly looking to engage.

Subscribe to Insights

Your one-stop shop for the Legility logo & more.

Your one-stop shop for the Legility logo, brand guidelines, photography assets, and more.

Subscribe to insights