Some of the key changes to the Personal Data Protection Act 2012 (“PDPA”) took effect on 1 February 2021. These include a mandatory breach notification regime and new consent exceptions, including an exception which may apply if an organisation has legitimate interests in the collection, use or disclosure of the personal data and the legitimate interests of the organisation or other person outweigh any likely adverse effect to the individual.
The Personal Data Protection (Amendment) Bill was passed by the Singapore Parliament on 2 November 2020, with the changes set to take effect in phases. The first phase of these changes took effect from 1 February 2021.
For further information, please see our article here.
Senior Associate, Singapore
Director (Prolegis LLC), Singapore