Singapore: Adopted Personal Data Protection Regulations 2021 including cross-border data transfer regulations

On 28 January 2021, the Personal Data Protection Regulations 2021 were adopted. These regulations include changes to cross-border data transfer rules. Before transferring an individual's personal data to a country outside Singapore, organisations will have to ensure that the recipient is bound by legally enforceable obligations, including certifications, to provide a level of protection comparable to that in Singapore. Regarding specified certification, the regulation specifies that these include the Asia‑Pacific Economic Cooperation Privacy Recognition for Processors System or the Asia‑Pacific Economic Cooperation Cross Border Privacy Rules System. The regulations outline specific procedures for this verification process, as well as the prerequisites for obtaining an individual's consent for such data transfers.