Singapore: Implemented Personal Data Protection Regulations 2021 including cross-border data transfer regulations

On 1 February 2021, the Personal Data Protection Regulations 2021 came into force. These regulations include changes to cross-border data transfer rules. Before transferring an individual's personal data to a country outside Singapore, organisations have to ensure that the recipient is bound by legally enforceable obligations, such as certifications, to provide a level of protection comparable to that in Singapore. Regarding certification, the regulation specifies that these include the Asia‑Pacific Economic Cooperation Privacy Recognition for Processors System or the Asia‑Pacific Economic Cooperation Cross Border Privacy Rules System. The regulations outline specific procedures for this verification process, as well as the prerequisites for obtaining an individual's consent for such data transfers.