Jump to content

Personal Data Protection Act 2012

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Yqwong.benjamin (talk | contribs) at 05:16, 1 May 2017. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
Personal Data Protection Act 2012
Parliament House, Singapore
Parliament of Singapore
  • An Act to govern the collection, use and disclosure of personal data by organisations, and to establish the Do Not Call Register and to provide for its administration, and for matters connected therewith, and to make related and consequential amendments to various other Acts.
CitationNo. 26 of 2012
Passed byParliament of Singapore
Passed15 October 2012
Assented to20 November 2012
Legislative history
Bill titlePersonal Data Protection Bill
Introduced byAssoc Prof Dr Yaacob Ibrahim
Status: In force

The Personal Data Protection Act 2012 (the "Act") sets out the law on data protection in Singapore. Apart from establishing a general data protection regime, the Act also regulates telemarketing practices.

Structure of the Act

The Act is arranged into ten Parts:

Part I: Preliminary
Part II: Personal Data Protection Commission and administration
Part III: General rules with respect to protection of personal data
Part IV: Collection, use and disclosure of personal data
Part V: Access to and correction of personal data
Part VI: Care of personal data
Part VII: Enforcement of Parts III to VI
Part VIII: Appeals to Data Protection Appeal Committee, High Court and Court of Appeal
Part IX: Do Not Call Registry
Part X: General

Personal Data Protection Commission

The Act establishes the Personal Data Protection Commission ("PDPC"). The PDPC is Singapore's primary data protection authority, and also administers the Do Not Call Registry. Among other matters, the PDPC issues advisory guidelines on the Act, and also enforces the Act.[1]

Data protection

The Act establishes a general data protection regime, comprising nine data protection obligations which are imposed on organisations.[2]

  1. Consent Obligation
  2. Purpose Limitation Obligation
  3. Notification Obligation
  4. Access and Correction Obligation
  5. Accuracy Obligation
  6. Protection Obligation
  7. Retention Limitation Obligation
  8. Transfer Limitation Obligation
  9. Openness Obligation

Telemarketing

The Act also regulates telemarketing practices in Singapore.

First, the Act establishes the Do Not Call Registers, on which telephone numbers may be registered. As of 30 April 2017, there are three Do Not Call Registers: (i) the No Fax Message Register; (ii) the No Text Message Register; and (iii) the No Voice Call Register. Generally, if a telephone number is listed on a Do Not Call Register (e.g. the No Text Message Register), then it is not permitted to send a marketing message of the relevant kind (e.g. text message) to that telephone number.[3]

Second, the Act imposes duties to provide information on, and to not conceal, the identities of the senders of marketing messages.[4]

References

  1. ^ "Who We Are". Personal Data Protection Commission. Retrieved 30 April 2017.
  2. ^ "Overview". Personal Data Protection Commission. Retrieved 30 April 2017.
  3. ^ "Do Not Call Registry & You". Personal Data Protection Commission. Retrieved 30 April 2017.
  4. ^ "Do Not Call Registry & Your Business". Personal Data Protection Commission. Retrieved 30 April 2017.

Further reading

Retrieved from "https://en.wikipedia.org/w/index.php?title=Personal_Data_Protection_Act_2012&oldid=778109987"