The Personal Data Protection (Amendment) Act 2020

Posted on March 31, 2021

Category:

Authors: Wong Pei-Ling and Jolyn Wah.

Contributor: Rachelle Ho.

The Personal Data Protection (Amendment) Act 2020 (No. 40 of 2020) (“PDPA Amendments”) was passed by Parliament in November 2020 and came into effect on 1 February 2021.  The PDPA Amendments amend the Personal Data Protection Act 2012 (No. 26 of 2012) (“PDPA”), which is the primary legislation regulating the collection, use and disclosure of personal data in Singapore.

This article provides an update on the key aspects of the PDPA Amendments, which will be implemented in phases in 2021, beginning 1 February 2021. Several of the key amendments which are now in force are as follows:

Mandatory Data Breach Notification

Mandatory Data Breach Notification

Changes to “deemed consent” and enhanced exceptions to the consent requirement

New basis for deemed consent to apply for collection, use and disclosure of personal data

New consent exceptions for collection, use and disclosure of personal data part 1(1)New consent exceptions for collection, use and disclosure of personal data Part 2 (1)New consent exceptions for collection, use and disclosure of personal data Part 3 (1)

Proposed amendments that have not come into force

Obligation for data portability

Obligation for data portability (v1)

New offences and increased financial penalties

New offences and increased financial penalties (v1)

General disclaimer
This article is provided to you for general information and should not be relied upon as legal advice. The editor and the contributing authors do not guarantee the accuracy of the contents and expressly disclaim any and all liability to any person in respect of the consequences of anything done or permitted to be done or omitted to be done wholly or partly in reliance upon the whole or any part of the contents.