The Singapore parliament finally passed the personal data protection bill that is designed to safeguard an individual’s personal data against misuse. It encompasses a national Do-Not-Call registry and a new enforcement agency will be tasked to regulate the management of personal data by businesses and impose financial penalties. Singapore’s personal data protection law will give individuals more control over their personal data, since they have to give consent and be informed of the purposes for which organizations collect, use, or disclose the information.
They can seek compensation for damages directly suffered from a breach of the data protection rules through private rights of action. The Bill applies to all organizations across the private sector, but does not cover the public sector, which already has its own set of data protection rules with which all public officers must comply.To give time for businesses to adjust, the data protection law will be implemented in a phased approach and will become official by January 2013.