Speech by Mr Leong Keng Thai, Chairman of PDPC, at the Personal Data Protection Seminar 2015, Friday, 8 May 2015, at The Ritz Carlton, Millenia Singapore
08 May 2015
Dr Yaacob Ibrahim, Minister for Communications and Information,
Mr. Aubeck Kam, Permanent Secretary, Ministry of Communications and Information,
Mr John Edwards, Privacy Commissioner, Office of the Privacy Commissioner of New Zealand,
Fellow speakers,
Ladies and Gentlemen,
- Good morning and a very warm welcome to the Personal Data Protection Seminar 2015.
- This is our third year holding this annual seminar, and similar to previous years, response has been overwhelming. I am glad that the issue of personal data remains a priority for all of you. Through today’s discussions, I hope that you will gain insights into how data protection frameworks are implemented by governments and organisations around the world, how organisations in Singapore have implemented data protection processes and how your organisation can exploit the benefits of Big Data whilst complying with the Personal Data Protection Act, or in short the “PDPA”.
- This year, the focus of discussions will be centred on protecting and securing personal data. This is especially relevant as we see more data breach incidents in an increasingly data-driven world.This is coupled with an increasing public consciousness on the need for consumer personal data to be protected. In many data breaches, it is not only personal data that is lost. Reputations of individuals and organisations involved are also affected. Therefore, there is a real benefit for organisations to take the protection of personal data seriously, and a real cost for those that do not.
Compliance with the PDPA will benefit organisations by helping them gain customer confidence and trust
- Earlier this year, the Commission conducted a survey with organisations in Singapore to assess their readiness in complying with the PDPA. We are heartened to find that many organisations in Singapore have risen up to the challenge to protect the personal data of consumers, as well as to comply with the requirements of the Act.
- More than 90% of organisations surveyed said that they were aware of the requirements relating to Data Protection under the PDPA. Results from the survey also showed that more than 80% of organisations have some measures in place to comply with the PDPA, such as keeping personal data in a secure manner and obtaining consent from their customers before the collection, use and disclosure of their personal data. In terms of the benefits to organisations, about 90% of them agree that the PDPA is beneficial for consumers.In addition, about 80% agree that the PDPA strengthens Singapore as a data hub, and that the Act has benefited organisations through increased consumer confidence and improved corporate governance. These are encouraging results. However, awareness of the PDPA can be improved amongst local Small and Medium Companies and the Commission will continue dedicating our efforts to reach out to them, as well as help them develop their data protection policies and practices.
- To equip more people who can help implement data protection processes in their organisations, the Commission will continue to support and conduct workshops and briefings on the PDPA.Course fee funding for the PDPA Workforce Skills Qualifications course is up to 90% for SMEs, and since it started in June last year, about 3,000 individuals have benefited, out of which more than 50% were SME participants. The Commission’s e-learning programme on our website has also attracted about 7,000 users in the last 9 months. The programme will be enhanced with a self-assessment module this year to allow individuals to test their knowledge of the Act and organisations can also use this as a corporate training tool for all their staff.
- To help organisations interpret how the law affects scenarios common in specific industries, the Commission will also be issuing more advisory guidelines and guides. I am glad that sector associations such as the Singapore Hotel Association have also taken a pro-active role in developing advisory guidelines for their respective sectors. These proposed guidelines will be put out for public consultation before they are issued, which will allow organisations in these sectors to provide comments, and for the associations to improve upon the working draft, to ensure that these public documents will be as helpful as possible.
Individuals are empowered and have a role to play to have better control of their personal data
- It is not enough for only organisations to be aware of and responsible for the protection of personal data. Consumers too have a responsibility to better control how their personal data is used. After all, it is their personal data. While the PDPA provides avenues for consumers to ensure that their personal data is collected and used with proper consent, all of us should also recognise that in today’s information age, a competitive economy thrives on the ability to leverage data and information, to make sense of the internet of things, and to deliver competitive services not possible before technologies like data analytics were available. This means that data protection is not simply about withholding data. It is about how we can develop systems and governance to be able to share data in a safe and anonymised way to protect individuals. Last year, Singapore’s Prime Minister launched our vision to become the world’s first Smart Nation - to use technology so that Singaporeans can enjoy better lives, forge stronger communities and remain one of the leading cities in the world. This means that more data will be used, collected, stored and transmitted. Therefore, our data protection framework must remain robust to support technological innovation involving the use of data, including personal data.
Conclusion - I am delighted that we have many distinguished speakers representing governments, the private sector, academia, as well as professionals, who will be sharing their thoughts on today’s theme, “Securing Personal Data for a Competitive Edge”. These conversations will be over three panel discussions and I hope that they will raise useful thoughts for everyone to implement and even improve upon data protection processes in our workplaces.
- Mr John Edwards, the Privacy Commissioner of New Zealand will be sharing his views on data protection based on his experience in New Zealand. John has vast knowledge in the area of information law and I am glad to have him with us today. Thank you John for agreeing to join us.I am indeed honoured that our Minister for Communications and Information, Dr. Yaacob Ibrahim, has kindly agreed to be our Guest-of-Honour, and to open the seminar this morning.
- My thanks also go to all our distinguished speakers and guests for joining us today. I hope today’s discussions will be a fruitful one for everyone.
Tags: