Speech by Mr Leong Keng Thai, Chairman of PDPC, at the Personal Data Protection Seminar 2014, Friday, 16 May 2014, at Grand Copthorne Waterfront Hotel, Singapore

16 May 2014

Minister for Communications and Information, Dr Yaacob Ibrahim,
Ms Elizabeth Denham, Privacy & Information Commissioner of British Columbia, 
Ms Jennifer Stoddart, Former Privacy Commissioner of Canada,
Fellow speakers,
Ladies and Gentlemen,

  1. Good morning and a very warm welcome to the Personal Data Protection (“PDP”) Seminar 2014.

  2. The Personal Data Protection Commission was officially launched at the inaugural PDP Seminar one year ago. I shared at the seminar last year on the benefits and challenges of the new data protection regime in Singapore and the Commission’s commitment in helping organisations align their policies and practices with the Personal Data Protection Act.   

  3. Over the past 12 months, the Commission has been kept busy with issuing various advisory guidelines to better help businesses and consumers understand how the law will apply to different daily life scenarios and business arrangements, as well as issued guidance notes to organisations to address issues that are unique to their operations. The Commission has also developed online self-help resources including how-to videos on using the Do Not Call Registry to ease understanding of processes.  

  4. The coming into effect of the DNC Registry on 2nd January this year was an important milestone for Singapore. We are glad that the DNC Registry had a smooth launch with no major operational issues. In a survey conducted by the Commission in March this year, 97 per cent of those who had added their telephone number to the DNC Registry found the process smooth-sailing and easy to use. Most of them felt that the DNC Registry was a positive initiative that helped to protect personal data from misuse. Consumers also noticed an improvement in organisation practices, such as an increase in the number of organisations asking for permission to send telemarketing messages, and a decrease in the number of messages sent with concealed or “private” numbers, showing that organisations were more mindful of the need to respect and protect the personal data under their care. 

  5. We also commissioned an industry survey and found that more than 80 per cent of organisations surveyed that were engaged in telemarketing activities aware of their obligation to check the DNC Registry and that the DNC provisions came into effect on 2nd January this year. To-date, over 3,600 organisations have created an account with the DNC Registry and 160 million telephone numbers have been checked. The DNC Registry has been able to return the list of numbers with indication of whether they have been registered at an average of 20-30 minutes, well below the expected 24-hour turnaround time.  We hope this will help organisations remain PDPA-compliant, yet efficient in their marketing operations.

  6. Since the start of the year, the Commission received about 3,700 valid complaints from the public of organisations not observing the DNC requirements. While there were a few recalcitrant cases, we are pleased that most of the organisations we approached during investigation were cooperative and took prompt steps to correct their practices. Overall, a majority of the organisations from the industry survey also felt that there would be benefits to reap from complying with the PDPA, such as increased consumer confidence, safe and protected cross-border transfer of information, and improved corporate governance.

  7. To reap the full benefits of the legislation in the long term, organisations need to instil in employees a mindset change so that employees are sensitive to early detection of potential breaches in the handling of personal data in their day-to-day activities. Processes and policies are important but they may not be fool-proof. Hence, organisations with a strong personal data protection culture amongst their employees will be better placed to meet the requirements of the Act. As we draw closer to July, we see many organisations gearing up their operations to align with the Act, which is why I am heartened to see a good turnout again this year. Your presence signifies the recognition by the business community on the importance of developing good corporate governance and practices to protect personal data and promote responsible use.

  8. The theme for this year’s seminar is “International Perspectives on Data Governance”. We hope it provides you with insights on the implementation of data protection from global and local perspectives. We are privileged to have many distinguished speakers with us, in particular Ms Elizabeth Denham, Information and Privacy Commissioner of British Columbia, and Ms Jennifer Stoddart, former Privacy Commissioner of Canada, as Canada was one of the key jurisdictions that Singapore had studied in detail when developing the personal data protection legal structures for Singapore. Canada has a well-established privacy framework in place since 1983 and has accumulated a wealth of experience in regulating personal data, amidst ever-changing technologies and business environments. 

  9. We also have with us two members from our Data Protection Advisory Committee, Professor Simon Chesterman and Mr Arun Mahizhnan, who will moderate this morning’s panel discussions on “Shaping the Future of Data Protection” and “A Holistic Approach to Data Protection Implementation”.

  10. International and industry representatives from the DBS Bank, Centre for Information Policy Leadership, the Singapore Chinese Chambers of Commerce and Industry, and Google will be sharing with us the practical approaches to data protection implementation, the importance of proper accountability as well as strategies that can be adopted to manage data protection in the technology space.
     
  11. Before I conclude, I will like to thank Dr. Yaacob Ibrahim, our Minister for Communications and Information, for gracing the event, and thank all of you for taking time to be with us here. I hope this seminar will be of benefit to you and the organisations you represent. Thank you.

Tags: