Singapore has updated its Personal Data Protection Act (PDPA) to allow local businesses to use consumer data without prior consent for some purposes, such as business improvement and research. The amendments also allow for harsher financial penalties to be meted out for data breaches, above the previous cap of SG$1 million.
The changes were passed in parliament Monday, some 12 years after the legislation was introduced in October 2012. The Act is administered by the Personal Data Protection Commission (PDPC).
In his speech discussing the amendments, Singapore’s Communications and Information Minister S. Iswaran said data was a key economic asset in the digital economy, providing valuable insights that informed businesses and generating efficiencies.
It also empowered innovation and enhanced products, and was a critical resource for emerging technologies such as artificial intelligence (AI) that held transformative potential, Iswaran said.
Singapore’s regulatory architecture, therefore, must evolve and keep