03 August 2018

Dharma Sadasivan

​On 02 August 2018, the Singapore Personal Data Protection Commission (the "Commission") released its decision in Re: Management Corporation Strata Title Plan No. 4436 [2018] SGPDPC 18 ("Re: MCST 4436").
 
In this case, the Commission turned its attention to a conflict between section 21(3) of the Personal Data Protection Act 2012 (the "PDPA"), which prohibits organizations from releasing personal data under certain circumstances notwithstanding the individual's general right of access to their own personal data, and section 47 of the Building Maintenance and Strata Management Act ("BMSMA"), which requires management corporations to supply information to certain classes of persons.

Read More

Post date. Edit this to change the date post was posted. Does not show up on published site. 3/8/2018

28 May 2018

Dharma Sadasivan

The European Union's General Data Protection Regulation ("GDPR") was approved by the EU Parliament on 14 April 2016 and came into effect on 25 May 2018.
 
The GDPR is most significant piece of privacy regulation to emerge in the EU in over 20 years.

Read More

Post date. Edit this to change the date post was posted. Does not show up on published site. 28/5/2018

6 December 2017

Dharma Sadasivan

I previously wrote about the dual nature of data intermediaries. In that post, I discussed how, under certain circumstances, a data intermediary may simultaneously be an organization in its own right, in relation to a particular set of personal data.

Read More

Post date. Edit this to change the date post was posted. Does not show up on published site. 6/12/2017

3 August 2017

Dharma Sadasivan

​A "data intermediary" is defined in the Personal Data Protection Act 2012 ("PDPA") as an organization which processes personal data on behalf of another organization but does not include an employee of that organization. In practice, it generally refers to a third party that executes a function for your organization as though it were part of your organization. An example of this is a web hosting service such as Amazon Web Services ("AWS").

Read More

Post date. Edit this to change the date post was posted. Does not show up on published site. 3/8/2017

11 January 2017

Dharma Sadasivan

On 20 December 2016, the Personal Data Protection Commission (“PDPC”) released updated advisory guidelines (the “Guidelines”) in relation to Photography, Video and Audio Recordings, including where such photographs and recordings are made with the use of drones.

Read More

Post date. Edit this to change the date post was posted. Does not show up on published site. 11/1/2017

5 September 2016

Dharma Sadasivan

​Singapore's privacy regulators, the Personal Data Protection Commission ("PDPC") released advisory guidelines on photography ("Photography Guidelines"), which I think are helpful to photographers, hobbyists, events organizers, bloggers, and generally across the board. I have endeavored to condense the most salient and useful points in this post.

Read More

Post date. Edit this to change the date post was posted. Does not show up on published site. 5/9/2016

24 March 2015

Dharma Sadasivan

​The data protection provisions of the Personal Data Protection Act 2012 ("PDPA") came into effect on 02 July 2014. It has now been 8 months since the data protection provisions have been in force and we are beginning to see an awareness of data protection and privacy rights emerge in the general public. Accordingly, we're also beginning to see news reports raising the question of whether there have been breaches of the PDPA.

In particular, I thought 2 recent news reports were rather interesting.

Read More

Post date. Edit this to change the date post was posted. Does not show up on published site. 24/3/2015