fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

The Scope Of Singapore Privacy: How We Use It In A Right Way

Singapore privacy
Privacy International (PI) is a human rights organization that works to advance and promote Singapore privacy and fight surveillance around the world.

The Scope Of Singapore Privacy: How We Use It In A Right Way

This stakeholder report is a submission by Privacy International (PI). PI is a human rights organisation that works to advance and promote Singapore privacy and fight surveillance around the world. PI wishes to bring concerns about the protection and promotion of the Singapore privacy in Singapore before the Human Rights Council for consideration in Singapore’s upcoming review.

Singapore privacy right

Singapore privacy is a fundamental human right, enshrined in numerous international human rights instruments. It is central to the protection of human dignity and forms the basis of any democratic society. Activities that restrict the Singapore privacy, such as surveillance and censorship, can only be justified when they are prescribed by law, necessary to achieve a legitimate aim, and proportionate to the aim pursued

Domestic laws related to Singapore privacy

The Constitution of the Republic of Singapore does not include a Singapore privacy. Some laws regulate the processing of personal data,including in the public sector, such as the Computer Misuse and Cybersecurity Act which criminalises unauthorised access to data, but does not regulate or address lawful collection of data. Other safeguards for privacy and personal data are included in the Official Secrets Act, the Statistics Act, the Statutory Bodies and Government Companies (Protection of Secrecy) Act and the Electronic Transactions Act.

Other laws regulate data held by private sector entities including the Personal Data Protection Act, Banking Act, and the Telecommunications Act; whilst other relevant legislation include the law of confidence, which addresses misuse and publication of confidential information.

Singapore privacy is a fundamental human right, enshrined in numerous international human rights instruments.

International obligations

Singapore has has not ratified the International Covenant on Civil and
Political Rights (‘ICCPR’) which under Article 17 of the ICCPR, provides that
“no one shall be subjected to arbitrary or unlawful interference with his
privacy, family, home or correspondence, nor to unlawful attacks on his
honour and reputation”.

Areas of concern

I. Failure to ratify the ICCPR

Singapore has still not signed nor ratified many of the major international
treaties, including the ICCPR, which upholds the right to privacy under Article 17.

Article 17 of the ICCPR provides that “no one shall be subjected to arbitrary
or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation”.

The ICCPR has been ratified by 168 states, including many in Asia. It is
urgent that Singapore ratifies and implements the ICCPR including by
recognizing the right to privacy as a Constitutional right.

Also read: 12 brief explanation about the benefits of data protection for business success

II. Communications surveillance

Despite some evidence from security researchers, details of the capacity of
the Singaporean government to conduct surveillance and the scope of its
surveillance infrastructure remains unknown. Yet, it is widely acknowledged that Singapore has a well-established, centrally controlled technological surveillance system designed to maintain social order and protect national interest and national security.

The surveillance structure in Singapore spreads wide from CCTV, drones,
internet monitoring, access to communications data, mandatory SIM card registration, identification required for registration to certain website, to use of big data analytics for governance initiatives including traffic monitoring.

This raises significant concerns in light of the fact that the legal framework
regulating interception of communication falls short of applicable international human rights standards, and judicial authorisation is sidelined and democratic overnight inexistent.

Activities that restrict Singapore privacy, such as surveillance and censorship, can only be justified when they are prescribed by law, necessary to achieve a legitimate aim, and proportionate to the aim pursued.

III. Data protection

In 2012, Singapore’s Parliament approved a data protection law which took effect on 2 January 2013. The Personal Data Protection Act 2012 (PDPA)
establishes a regulatory framework which governs the collection, use,
disclosure and care of personal data.37 The PDPA mandated the
establishment of a Data Protection Commission under Section 5.

The PDPA is a welcomed step in ensuring the right of individuals to protect
their personal data but the scope, some of the principles, and numerous
exemptions raise concerns. The PDPA does not apply to the police as well as any public agency or organisation. These exemptions are concerning when considering initiatives such as the one announced in January 2015 by the Neighbourhood Police Centre (NPC) raise serious concerns as to what privacy safeguards will be applied. The NPC announced it would begin trials of body-word cameras for police forces. The cameras will be kept on record mode during the entirety of an officer’s shift, with the possibly of being turned off when judged necessary by the officer.

Other exemptions provisions of concern include the exemption of ‘business
contact information’, a broad list of uses for an ‘evaluative purpose’ which will exempt personal data linked to employment, education, etc,. Furthermore, unless expressly provided in the Act, provisions of other ‘written laws’ will supersede the PDAC if these provisions are inconsistent with any parts of the Act under Section III to VI, news organisations collecting for news activities (both undefined) do no require consents, data intermediaries are exempt but controllers are liable.

Also read: How Being Data Protection Trained Can Help With Job Retention

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us