The adoption of the Personal Data Protection Act transformed the legal regime for data protection in Singapore. This book explains the history and evolution of data protection in Singapore, highlights issues that are being worked out in practice and derives lessons that Singapore can learn from other jurisdictions — and that other jurisdictions can learn from Singapore. Bringing together leading scholars and practitioners in the field, the book will be of interest to the academic, legal and business communities. Key questions include how to reconcile notions of privacy in an information age, and how national laws can regulate an increasingly interconnected world.
The second edition includes:
New chapters examining how the legislation has kept pace with technological change
- How individual rights have been balanced against business interests in the course of enforcing the law.
- It also has specialist chapters on image rights and data protection, as well as new chapters on accountability and cross-border transfers and enforcement.
From the Foreword
“This book comes at a time when we are embarking on a review of the PDPA to keep abreast of technological advancements and global developments. Our data protection regime must evolve in tandem with emerging issues such as artificial intelligence, the Internet of things, and multilateral frameworks for cross-border data flows. … I congratulate the authors and publishers on their timely contribution to the national and global discourse on this important subject.”
Minister for Communications and Information
Chapter 1 – Introduction
By Simon Chesterman
Part I: The Changing Context
Chapter 2 — From Privacy to Data Protection
By Simon Chesterman
Chapter 3 — The Online World and the Offline World
By Tan Cheng Han SC
Chapter 4 — Data Protection Law and Privacy in Singapore
By Lanx Goh & Jansen Aw
Chapter 5 — Data Protection and New Technologies
By Steve Tan
Part II: In Practice
Chapter 6 — A Practitioner’s Perspective
By Bryan Tan
Chapter 7 — Data Intermediaries and Data Breaches
By Daniel Seng
Chapter 8 — Data Protection in the Employment Setting
By Hannah Lim Yee Fen
Chapter 9 — Image Rights and Data Protection
By David Tan
Chapter 10 — The Do Not Call Registry
By Warren B Chik
Part III: New Frontiers
Chapter 11 — From Compliance to Accountability
By Yeong Zee Kin
Chapter 12 — Cross-Border Issues in Data Protection
By David N Alfred & Lanx Goh
Chapter 13 — Malaysia’s Data Protection Law
By Abu Bakar Munir
Chapter 14 — Data Privacy in Asia
By Graham Greenleaf
David N ALFRED is Chief Counsel at the Personal Data Protection Commission and deputy editor of the Commission’s Personal Data Protection Digest. In his present role, he advises the Commission on the application, administration and enforcement of Singapore’s Personal Data Protection Act, legal policy and development and cross-border data protection issues, amongst other areas. He has spoken publicly on many aspects of data protection and is keen to promote good data protection practices amongst organisations. Mr Alfred holds Bachelor and Master of Laws degrees from the National University of Singapore and a Master of Business Administration degree from the University of Chicago. He has been designated a Fellow of Information Privacy by the International Association of Privacy Professionals and holds certifications in information privacy laws and technology.
Jansen AW is a senior associate at LVM Law Chambers LLC. He was previously an assistant chief counsel with the Personal Data Protection Commission (Singapore). He is an advocate and solicitor of the Supreme Court of Singapore and has acted in a wide-range of cases as a corporate commercial litigator. He has spoken at various seminars on data protection law in Singapore and was one of the deputy editors of the Personal Data Protection Digest and author of the article “International Developments in Data Protection”  PDP Digest 386. He has obtained several credentials in privacy and data protection, namely, CIPP/A, CIPP/E and CIPM. He also holds a Fellow of Information Privacy (FIP) designation with the International Association of Privacy Professionals.
Simon CHESTERMAN is Dean of the National University of Singapore Faculty of Law and editor of the Asian Journal of International Law. Educated in Melbourne, Beijing, Amsterdam and Oxford, Professor Chesterman’s teaching experience includes periods at the Universities of Melbourne, Oxford, Southampton, Columbia and Sciences Po. From 2006 to 2011, he was Global Professor and Director of the New York University School of Law Singapore Programme. He is the author or editor of 20 books, including One Nation Under Surveillance (Oxford University Press, 2011); Law and Practice of the United Nations (with Thomas M Franck and David M Malone) (Oxford University Press, 2008); You, the People (Oxford University Press, 2004); and Just War or Just Peace? (Oxford University Press, 2001). Since 2013 he has served as an unpaid member of Singapore’s Data Protection Advisory Committee.
Warren B CHIK is an Associate Professor at the School of Law in Singapore Management University, where he teaches Information Technology and the Law and Entertainment Law. He writes and researches on subject matters related to this area of law including Internet intermediaries law, digital copyright law, the domain name regime as well as data privacy and protection law. Professor Chik graduated with a Bachelor of Laws from the National University of Singapore and with Master of Laws degrees from Tulane University and University College London.
Lanx GOH is the Team Lead for Investigations at the Personal Data Protection Commission, Singapore, and is presently also involved in the review process of the Personal Data Protection Act. He holds an Adjunct Lecturer position at the Singapore Management University School of Law where he will develop and co-teach the Privacy and Data Protection Law course, and will be a guest lecturer at the National University of Singapore (NUS) Faculty of Law where he is assisting with the formulation of the Data Privacy Law course. By invitations, he had published articles for peer-reviewed journals in Japan, Singapore and the United Kingdom on privacy, data protection and cybersecurity laws as well as international commercial litigation and arbitration. He had also spoken at various conferences and seminars such as Data Privacy Asia, IAPP Asia Privacy Forum, IAPP KnowledgeNet and NUS CLE Seminar Series. Lanx Goh is an advocate and solicitor of the Singapore Supreme Court, an accredited mediator of the Singapore Mediation Centre and the Singapore International Mediation Institute, and a Fellow of Information Privacy of the International Association of Privacy Professionals (IAPP). He graduated with a Bachelor of Laws from the University of Birmingham, a Master of Laws (awarded additional Certificate of Specialization in Law and Technology) from the University of California, Berkeley, and a Master of Science in Criminology and Criminal Justice from the University of Oxford. He holds multiple professional privacy certificates, viz. CIPP/US, CIPP/EU, CIPP/Asia and CIPM.
Graham GREENLEAF is a Professor of Law & Information Systems at the University of New South Wales, where he has researched and taught since 1983. He specialises in the relationships between information technology and law. He has degrees in Arts and Law and is a Fellow of the Australian Computer Society. His most recent book is Asian Data Privacy Laws: Trade and Human Rights Perspectives (OUP, 2014). His current areas of research focus are Asian data protection and privacy laws, public rights in copyright and the globalisation of free Internet access to legal information. In 2010, he was made a member of the Order of Australia (AM) for his contributions to advancing free access to legal information, and to the protection of privacy, and in 2017 a Fellow of the Australian Academy of Law. He is a co founder of the Australasian Legal Information Institute.
Hannah LIM Yee Fen is an Associate Professor in Business Law at Nanyang Technological University in Singapore. She holds degrees in Computer Science and in Law with Honours from the University of Sydney, Australia. She is an internationally recognised scholar in the areas of Internet & technology law, data protection law and intellectual property law. Her research has also been cited with approval by the judiciary, for example, by the High Court of Australia in Roadshow Films v iiNet  HCA 16 where her scholarship was adopted and formed one of the key reasons for decision. She is the author of three scholarly books and has published more than 40 articles in international refereed journals and has delivered more than 70 conference papers, including at US law schools such as Stanford Law School. She recently won a competitive research grant from the EU Centre in Singapore for a project on data protection.
Abu Bakar MUNIR is an internationally renowned scholar, expert and consultant on information and communications technology law and data protection law. He has previously served as Dean of the Faculty of Law in the University of Malaya, Malaysia. Currently, he is a Professor of Law at the Faculty and an Associate Fellow at the University of Malaya Malaysian Centre of Regulatory Studies. Abu Bakar Munir is the author of several books: Privatization (Dewan Bahasa dan Pustaka, 1992); Cyber Law: Policies and Challenges (Butterworths Asia, 1999); Privacy and Data Protection (Sweet & Maxwell Asia, 2002); Internet Banking: Law and Practice(LexisNexis, 2004); and Information and Communication Technology Law: State, Internet and Information (Sweet & Maxwell Asia, 2010), Personal Data Protection in Malaysia: Law and Practice (Sweet & Maxwell Asia, 2010) and Data Protection Law in Asia (Sweet and Maxwell, 2014). The second edition of this book will be available in March 2018. He speaks extensively at workshops, seminars and conferences around the globe.
Daniel SENG is an Associate Professor at the National University of Singapore Faculty of Law. He is the co-editor of the text Electronic Evidence (4th edition, IALS 2017), and was a member of several government committees responsible for various legislative reforms in the area of information technology law, including the Computer Misuse Act (Cap 50A), the Copyright Act (Cap 63), the Electronic Transactions Act (Cap 88), the Evidence Act (Cap 97) and the Layout-Designs of Integrated Circuits Act (Cap 159A). Professor Seng was appointed amicus curiae by the Court of Appeal in the case of Chwee Kin Keong v Digilandmall.com Pte Ltd  1 SLR(R) 502 – a landmark decision on the issue of unilateral mistake in the electronic contracting environment. He has written and presented numerous papers and studies on data protection, electronic banking, digital evidence, digital copyright, intermediary liability, artificial intelligence and machine learning issues at various local, regional and international conferences and workshops, including workshops and conferences organised by the World Intellectual Property Organization (“WIPO”), the WIPO Standing Committee on Copyright and Related Rights and the World Bank. He is also a special consultant to WIPO and had contributed various monographs on Internet intermediary liability and copyright limitations and exceptions for educational activities from the perspective of international copyright law.
Bryan TAN is a partner at Pinsent Masons LLP. Qualified in both England and Wales and Singapore, he practises in such areas as finance, information technology, telecommunications, biotechnology and bioinformatics, Chinese intellectual property, entertainment law and corporate work. He advises corporates and institutions, as well as governments. He has given numerous talks in Singapore and abroad to research institutes, universities, governments and industry bodies and is a legal adviser to the ASEAN Single Window project. He is an author of Halsbury’s Laws of Singapore: E-Commerce vol 8(3) (LexisNexis, 2008) and Halsbury’s Laws of Malaysia: E-Commerce vol 31 (LexisNexis, 2006) and Halsbury’s Laws of Malaysia: E-Commerce vol 16(1) (LexisNexis, 2009 reissue). He also co-wrote the “Singapore” chapter of Electronic Evidence (LexisNexis, 2009) and the “Singapore” chapter of Handbook of Comparative Higher Education Law (Rowman & Littlefield Education, 2013). Mr Tan also has a regular column on ZDNet on legal tech issues.
David TAN is an Associate Professor and Vice Dean (Academic Affairs) at NUS Law where he oversees the undergraduate and postgraduate teaching curriculum. He holds Ph.D., LL.B. (First Class Honours), and B.Com. degrees from the University of Melbourne and an LL.M. from Harvard. He has been a visiting professor at University of Hong Kong Faculty of Law and Melbourne Law School, teaching courses in intellectual property and popular culture. At NUS Law, Tan has pioneered courses in Freedom of Speech and Entertainment Law. His areas of research cover personality rights, copyright, trademarks, freedom of expression and tort law, and his articles have been cited by Singapore’s highest appellate court. His law publications have appeared in a wide range of journals that include Yale Journal of International Law, Harvard Journal of Sports & Entertainment Law, Fordham Intellectual Property, Media & Entertainment Law Journal, Sydney Law Review, Singapore Academy of Law Journal, Media & Arts Law Review and Law Quarterly Review. His monograph, The Commercial Appropriation of Fame: A Cultural Analysis of the Right of Publicity and Passing Off, was published by Cambridge University Press in 2017.
Steve TAN is a Partner in the law firm Rajah & Tann Singapore LLP. He specialises in Data Protection, Information Technology, Cybersecurity, Intellectual Property, Telecommunications and Digital Media/Entertainment law. He has been recognised as a leading lawyer in PLC Cross-border Media and Communications Handbook, Asia Pacific Legal 500 2010 to 2018, AsiaLaw Profiles, Practical Law Company Which Lawyer, Chambers Asia Pacific 2013 to 2018, Best Lawyers 2013 to 2017, and The International Who’s Who of Telecoms and Media Lawyers. Steve has been named Communications Lawyer of the Year in the Corporate Livewire 2015 Legal Awards. Steve is cited as “one of the best in the field of personal data protection” in Legal 500 2017. Chambers Asia Pacific 2018 states that Steve “has a strong reputation for his work in IT and data protection”. Steve is at the forefront of data protection and cybersecurity work and developments in Singapore as well as in Asian regional countries. Steve is frequently invited to share his insights on data protection/cybersecurity/IT/IP/ Entertainment law and developments, at speaking engagements around the world such as Europe, USA including Singapore.
TAN Cheng Han SC is Chairman of the E W Barker Centre for Law and Business and a Professor of Law at the National University of Singapore Faculty of Law, where he served as Dean from 2001 to 2011. He has been a visiting professor at Bucerius University, East China University of Political Science and Law, National Taiwan University and Peking University, and was a member of the International Advisory Committees of the National Chengchi University College of Law (2009) and the Australian National University College of Law (2011). His other roles include being Chairman of Singapore Exchange Regulation Pte Ltd, a Council Member of Sport Singapore, a board member of the Accounting and Corporate Regulatory Authority, Chairman of the Public Accountants Oversight Committee, and a member of the Governing Board of the International Association of Law Schools. Some recent publications are: “Veil Piercing — A Fresh Start”  Journal of Business Law 20; “State-Owned Enterprises in Singapore: Historical Insights into a Potential Model for Reform”, 28 Columbia Journal of Asian Law 61 (2015) (with Dan Puchniak and Umakanth Varottil); “The Agency of Liquidators and Receivers” in Agency Law and Commercial Practice (Oxford University Press, 2016) (with Associate Professor Wee Meng Seng); and “Equity, Shareholders and Company Law” in Equity, Trusts and Commerce (Hart Publishing, 2017) (with Associate Professor Wee Meng Seng).
YEONG Zee Kin is Assistant Chief Executive (Data Innovation and Protection Group) of the Infocomm Media Development Authority of Singapore (IMDA) and Deputy Commissioner of the Personal Data Protection Commission (PDPC). In his capacity as ACE (Data Innovation and Protection Group), Zee Kin oversees IMDA’s Artificial Intelligence and Data Industry development strategy. This is one of four frontier technology areas IMDA has identified for its transformational potential for a Digital Economy. The other three are cybersecurity, the Internet of Things, and immersive media. In his role as an AI and data analytics champion, Zee Kin’s work includes developing forward-thinking governance on AI and data, driving a pipeline of AI talent, promoting industry adoption of AI and data analytics, as well as building specific AI and data science capabilities in Singapore.
As the Deputy Commissioner of PDPC, Zee Kin oversees the administering and enforcement of the Personal Data Protection Act (2012). His key responsibilities include managing the formulation and implementation of policies relating to the protection of personal data, as well as the issuing of enforcement directions for organisational actions. He also spearheads the public and sector-specific educational and outreach activities, to raise both awareness and compliance in organisations and individuals in personal data protection. Zee Kin’s experience as a Technology, Media and Telecommunications lawyer spans both public and private sector. Prior to taking up his current appointments, he was Senior State Counsel and Director of Technology Law in the Civil Division of the Attorney-General’s Chambers and held a concurrent appointment as Senior Director (Special Projects) in the Legal Services department of the Ministry of Communications and Information. During that time, he was also legal advisor to the Smart Nation Programme Office and the Cyber Security Agency.
Before that, he was Senior Assistant Registrar and CIO cum CDO of the Supreme Court of Singapore. During his time in the Supreme Court, his administrative responsibilities included (at various times) the management of its registry, statistics unit and CISD. He managed the Supreme Court’s Shipping, Intellectual Property, Information Technology and Employment lists and developed the specialised procedures for electronic discovery and managing IP cases in the Supreme Court IP Court Guide. He commenced his career as a Deputy Public Prosecutor and State Counsel with the Attorney- General’s Chambers where he prosecuted white collar cases and cybercrimes. In between, he was also with Rajah & Tann’s Intellectual Property and Technology (iTec) practice for a few years.