Digital Policy Alert logo

Singapore: Passed Amendment to Personal Data Protection Act

Policy overview

Description

Passed Amendment to Personal Data Protection Act

On 2 November 2020, the Personal Data Protection Act Amendment was passed by the Singapore Parliament. The Amendment stipulates, that in the case of a data breach, there would need to be a mandatory notification system to the Personal Data Protection Commission (PDPC). Moreover, the maximum financial penalty imposable for data breaches would be increased to 10% of the data controller's annual turnover in Singapore. The Amendment would also introduce the right of data portability and extends the consent framework introducing legitimate interest and business improvement exceptions.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
legislature
Government Body
data protection authority

Complete timeline of this policy change

Hide details
2020-10-05
under deliberation

On 5 October 2020, the Personal Data Protection Act Amendment was introduced to the Singapore Parli…

2020-11-02
under deliberation

On 2 November 2020, the Personal Data Protection Act Amendment was passed by the Singapore Parliame…

2020-11-25
adopted

On 25 November 2020, the Personal Data Protection Act Amendment was signed by the President of Sing…

2021-02-01
in force

On 1 February 2021, the provisions of the Personal Data Protection Act Amendment concerning data br…

2021-10-01
in force

Following the adoption of the Personal Data Protection Act amendment, the Personal Data Protection …

2022-10-01
in force

On 1 October 2022, the increase of the maximum financial penalty imposable for data breaches is ful…