You can see the rules and regulations in other jurisdictions.
Client data would be protected under the Personal Data Protection Act 2012 (PDPA) to the extent that it consists of personal data, which is defined as 'data, whether true or false, about an individual able to be identified (a) through that data, or (b) through that data and other information to which the organisation has or is likely to have access'. There are two key components to the PDPA:
Internet protocol solutions, such as WhatsApp, may still be affected by the do-not-call registry regime since it sends out messages via Singapore phone numbers. The Personal Data Protection (Amendment) Act 2020 will raise the maximum financial penalty that could be imposed on organisations to a higher level of 10 per cent of their annual turnover in Singapore or S$1 million. However, the increased limit is not in effect yet and will only come into force at a future date which has yet to be announced.1
Client data will also be protected by the common law obligation of confidentiality. Data recipients would be subject to confidentiality obligations when:
It is possible to breach confidentiality if confidential information is disclosed without consent.1
Singapore has specific regulations in place to ensure the protection of bank customers' information and the confidentiality of trust-related data, such as settlors' and beneficiaries' details. There is no existing legislation specifically aimed at regulating digital profiling; however, organizations running a profiling solution should take into consideration the PDPA and other related laws on privacy and data protection.1
Cross-border payments in Singapore
Comprehensive legal services for businesses on corporate, tax law, cryptocurrency legislation, investment activities
