Singapore Government
Link to Homepage
Home | About Us | Browse | Advanced Search | Results | My Preferences | FAQ | Help | PLUS
 
Contents  

Long Title

Enacting Formula

Part I PRELIMINARY

Part II PERSONAL DATA PROTECTION COMMISSION AND ADMINISTRATION

Part III GENERAL RULES WITH RESPECT TO PROTECTION OF PERSONAL DATA

Part IV COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA

Division 1 — Consent

Division 2 — Purpose

Part V ACCESS TO AND CORRECTION OF PERSONAL DATA

Part VI CARE OF PERSONAL DATA

Part VII ENFORCEMENT OF PARTSĀ III TO VI

Part VIII APPEALS TO DATA PROTECTION APPEAL COMMITTEE, HIGH COURT AND COURT OF APPEAL

Part IX DO NOT CALL REGISTRY

Division 1 — Preliminary

Division 2 — Administration

Division 3 — Specified message to Singapore telephone number

Part X GENERAL

FIRST SCHEDULE Repealed

SECOND SCHEDULE Collection of personal data without consent

THIRD SCHEDULE Use of personal data without consent

FOURTH SCHEDULE Disclosure of personal data without consent

FIFTH SCHEDULE Exceptions from access requirement

SIXTH SCHEDULE Exceptions from correction requirement

SEVENTH SCHEDULE Constitution and proceedings of Data Protection Appeal Panel and Data Protection Appeal Committees

EIGHTH SCHEDULE Exclusion from meaning of "specified message"

NINTH SCHEDULE Powers of investigation of Commission and Inspectors

 
Slider
Left Corner
Print   Link to Viewed VersionLink to In-Force Version
 
On 26/09/2017, you requested the version in force on 14/09/2017 incorporating all amendments published on or before 14/09/2017. The closest version currently available is that of 02/10/2016.
Slider
PART II
PERSONAL DATA PROTECTION COMMISSION
AND ADMINISTRATION
Personal Data Protection Commission
5.
—(1)  The Info‑communications Media Development Authority is designated as the Personal Data Protection Commission.
(2)  The Personal Data Protection Commission is responsible for the administration of this Act.
Functions of Commission
6.  The functions of the Commission shall be —
(a)
to promote awareness of data protection in Singapore;
(b)
to provide consultancy, advisory, technical, managerial or other specialist services relating to data protection;
(c)
to advise the Government on all matters relating to data protection;
(d)
to represent the Government internationally on matters relating to data protection;
(e)
to conduct research and studies and promote educational activities relating to data protection, including organising and conducting seminars, workshops and symposia relating thereto, and supporting other organisations conducting such activities;
(f)
to manage technical co-operation and exchange in the area of data protection with other organisations, including foreign data protection authorities and international or inter‑governmental organisations, on its own behalf or on behalf of the Government;
(g)
to administer and enforce this Act;
(h)
to carry out functions conferred on the Commission under any other written law; and
(i)
to engage in such other activities and perform such functions as the Minister may permit or assign to the Commission by order published in the Gazette.
Advisory committees
7.
—(1)  The Minister may appoint one or more advisory committees to provide advice to the Commission with regard to the performance of any of its functions under this Act.
(2)  The Commission may consult such advisory committees in relation to the performance of its functions and duties and the exercise of its powers under this Act but shall not be bound by such consultation.
Delegation
8.
—(1)  The Commission may appoint, by name or office, from among public officers and the employees of the Authority —
(a)
the Commissioner for Personal Data Protection; and
(b)
such number of Deputy Commissioners for Personal Data Protection, Assistant Commissioners for Personal Data Protection and inspectors, as the Commission considers necessary.
(2)  Where any function, duty or power of the Commission under this Act is delegated to the Commissioner under section 38 of the Info-communications Media Development Authority Act 2016 —
(a)
the Commissioner must perform that function or duty, or exercise that power, in his name;
(b)
the Commission must not perform that function or duty, or exercise that power, during the period when the delegation is in force; and
(c)
the Commission must, as soon as practicable after the delegation, publish a notice of the delegation in the Gazette.
(3)  In exercising any of the powers of enforcement under this Act, an authorised officer shall on demand produce to the person against whom he is acting the authority issued to him by the Commission.
Conduct of proceedings
9.
—(1)  An individual appointed under section 8(1) or an employee of the Authority, who is authorised in writing by the Chief Executive of the Authority for the purpose of this section, may conduct, with the authorisation of the Public Prosecutor, proceedings in respect of an offence under this Act.
(2)  A legal counsel of the Commission who is an advocate and solicitor may —
(a)
appear in any civil proceedings involving the performance of any function or duty, or the exercise of any power, of the Commission under any written law; and
(b)
make all applications and do all acts in respect of the civil proceedings on behalf of the Commission or an authorised officer.
Co-operation agreements
10.
—(1)  For the purposes of section 59, a co-operation agreement is an agreement for the purposes of —
(a)
facilitating co-operation between the Commission and another regulatory authority in the performance of their respective functions in so far as those functions relate to data protection; and
(b)
avoiding duplication of activities by the Commission and another regulatory authority, being activities involving the enforcement of data protection laws.
(2)  A co-operation agreement may include provisions —
(a)
to enable the Commission and the other regulatory authority to furnish to each other information in their respective possession if the information is required by the other for the purpose of performance by it of any of its functions;
(b)
to provide such other assistance to each other as will facilitate the performance by the other of any of its functions; and
(c)
to enable the Commission and the other regulatory authority to forbear to perform any of their respective functions in relation to a matter in circumstances where it is satisfied that the other is performing functions in relation to that matter.
(3)  The Commission shall not furnish any information to a foreign data protection body pursuant to a co-operation agreement unless it requires of, and obtains from, that body an undertaking in writing by it that it will comply with terms specified in that requirement, including terms that correspond to the provisions of any written law concerning the disclosure of that information by the Commission.
(4)  The Commission may give an undertaking to a foreign data protection body that it will comply with terms specified in a requirement made of the Commission by the foreign data protection body to give such an undertaking where —
(a)
those terms correspond to the provisions of any law in force in the country or territory in which the foreign data protection body is established, being provisions which concern the disclosure by the foreign data protection body of the information referred to in paragraph (b); and
(b)
compliance with the requirement is a condition imposed by the foreign data protection body for furnishing information in its possession to the Commission pursuant to a co‑operation agreement.
(5)  In this section —
“foreign data protection body” means a body in whom there are vested functions under the law of another country or territory with respect to the enforcement or the administration of provisions of law of that country or territory concerning data protection;
“regulatory authority” includes the Commission and any foreign data protection body.