Support Centre

You have out of 10 free articles left for the week

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Singapore: Parliament passes amendments to PDPA and Spam Control Act

The Ministry of Communications and Information ('MCI') announced, on 2 November 2020, that the Parliament of Singapore had passed the proposed amendments to the Personal Data Protection Act (No. 26 of 2012) ('PDPA') and the Spam Control Act 2007. In particular, the MCI highlighted that the amendments aim to better align the PDPA with international best practices and global frameworks.

Key amendments include the following:

  • The introduction of an accountability principle in order to strengthen consumer trust;
  • Mandatory data breach notification provisions;
  • Enhanced enforcement powers for the Personal Data Protection Commission;
  • Higher maximum financial penalties of up to 10% of an organisation's annual turnover in Singapore, or SGD 1 million (approx. €626,220), whichever is higher;
  • A data portability obligation enabling individuals to request that a copy of their personal data be transmitted to another organisation;
  • Improved controls for commercial communications through amendments to both the PDPA and the Spam Control Act;
  • Expansion of deemed consent for contractual performance; and
  • A legitimate interest exception to consent.

The proposed amendments will enter into force upon their signing and publication in the Gazette.

You can read the press release here and the amendment bill here.