ABLI-FPF Convergences Series - Status of Consent for Processing Personal Data (Singapore report)

On Sale

SGD0.00

Free Download

Added to cart

ABLI-FPF Convergences Series - Status of Consent for Processing Personal Data (Singapore report)

Authors: Dr. Clarisse Girot, Honorary Senior Fellow, Asian Business Law Institute and Dominic Paulger, Policy Manager (APAC), Future of Privacy Forum

Asian Business Law Institute and Future of Privacy Forum

August 2022

This report provides a detailed overview of relevant laws and regulations in Singapore on

notice and consent requirements for processing personal data;
alternative legal bases for processing personal data which permit processing of personal data without consent if the data controller undertakes a risk impact assessment (e.g., legitimate interests); and
statutory bases for processing personal data without consent and exceptions or derogations from consent requirements in laws and regulations.

Table of Contents

1. INTRODUCTION

2. CONSENT AND PRIVACY SELF-MANAGEMENT UNDER THE PERSONAL DATA PROTECTION ACT (“PDPA”)

3. ROLE OF THE PERSONAL DATA PROTECTION COMMISSION (“PDPC”)

3.1. Advisory

3.2. Sanctions and enforcement

a. Majestic Debt Recovery Pte Ltd [2020] SGPDPC 7
b. H3 Leasing [2019] SGPDPC 9
c. German European School Singapore [2019] SGPDPC 8.

4. SECTORAL LEGISLATION

5. CONDITIONS FOR CONSENT

5.1. Definition and forms of consent

5.2. “Deemed consent”

5.3. Withdrawal of consent

5.4. Bundled consent

6. CONSENT FOR SPECIAL CATEGORIES OR USES OF DATA

7. CONSENT FOR CROSS-BORDER DATA TRANSFERS

8. TRANSPARENCY AND NOTICE

9. COLLECTING, USING, AND DISCLOSING DATA WITHOUT CONSENT SUBJECT TO A RISK IMPACT ASSESSMENT

9.1. Background: 2021 amendments to the PDPA

9.2. Legitimate interests of organizations

a. General legitimate interests provision
b. General legitimate interests provisions

ABLI-FPF Convergences Series - Status of Consent for Processing Personal Data (Singapore report)

1. INTRODUCTION

2. CONSENT AND PRIVACY SELF-MANAGEMENT UNDER THE PERSONAL DATA PROTECTION ACT (“PDPA”)

3. ROLE OF THE PERSONAL DATA PROTECTION COMMISSION (“PDPC”)

3.1. Advisory

3.2. Sanctions and enforcement

4. SECTORAL LEGISLATION

5. CONDITIONS FOR CONSENT

5.1. Definition and forms of consent

5.2. “Deemed consent”

5.3. Withdrawal of consent

5.4. Bundled consent

6. CONSENT FOR SPECIAL CATEGORIES OR USES OF DATA

7. CONSENT FOR CROSS-BORDER DATA TRANSFERS

8. TRANSPARENCY AND NOTICE

9. COLLECTING, USING, AND DISCLOSING DATA WITHOUT CONSENT SUBJECT TO A RISK IMPACT ASSESSMENT

9.1. Background: 2021 amendments to the PDPA

9.2. Legitimate interests of organizations

9.3. “Deemed consent by notification” .

10. COLLECTING, USING, AND DISCLOSING DATA WITHOUT CONSENT IN OTHER CIRCUMSTANCES DEFINED BY LAW

10.1. Business improvement purposes

10.2. Deemed consent by contractual necessity

10.3. Research purpose

10.4. Carrying out a task in the public interest and matters affecting the public

10.5. Law enforcement, defense, or national security

10.6. Publicly available personal data

10.7. Vital interests of the individual

10.8. Business asset transactions

10.9. Others

Data Embassies - Purposes, Features and Limitations

ABLI-FPF Convergences Series - Status of Consent for Processing Personal Data (Singapore report)

1. INTRODUCTION

2. CONSENT AND PRIVACY SELF-MANAGEMENT UNDER THE PERSONAL DATA PROTECTION ACT (“PDPA”)

3. ROLE OF THE PERSONAL DATA PROTECTION COMMISSION (“PDPC”)

3.1. Advisory

3.2. Sanctions and enforcement

4. SECTORAL LEGISLATION

5. CONDITIONS FOR CONSENT

5.1. Definition and forms of consent

5.2. “Deemed consent”

5.3. Withdrawal of consent

5.4. Bundled consent

6. CONSENT FOR SPECIAL CATEGORIES OR USES OF DATA

7. CONSENT FOR CROSS-BORDER DATA TRANSFERS

8. TRANSPARENCY AND NOTICE

9. COLLECTING, USING, AND DISCLOSING DATA WITHOUT CONSENT SUBJECT TO A RISK IMPACT ASSESSMENT

9.1. Background: 2021 amendments to the PDPA

9.2. Legitimate interests of organizations

9.3. “Deemed consent by notification” .

10. COLLECTING, USING, AND DISCLOSING DATA WITHOUT CONSENT IN OTHER CIRCUMSTANCES DEFINED BY LAW

10.1. Business improvement purposes

10.2. Deemed consent by contractual necessity

10.3. Research purpose

10.4. Carrying out a task in the public interest and matters affecting the public

10.5. Law enforcement, defense, or national security

10.6. Publicly available personal data

10.7. Vital interests of the individual

10.8. Business asset transactions

10.9. Others

You Might Also Like

Data Embassies - Purposes, Features and Limitations