Singapore increases fines for data breaches to address customers’ concerns on data privacy
Singapore, a global business hub, decided to introduce severer penalties for data breaches under the Personal Data Protection Act (PDPA) to clear customers’ doubts about the security of their data and continue to support innovation. S. Iswaran, Minister of Communications and Information, acknowledged the difficulty of finding a balanced solution, which keeps customers’ trust in the system high, and does not hurt the Singaporean economy, but stressed the necessity to strengthen data protection. Changes in the law increase the data breach fine to $1 million or 10% of a company’s annual turnover in Singapore, depending on which figure is higher. Before changes were introduced, the maximum fine for a data breach was $1 million. Interestingly, consent for use of individuals’ data is not required, when ‘legitimate interests’ come into play and their data is used to prevent fraud or help in the court.