Personal Data Protection

We live in a world where where personal data is currency that unlocks everything from cloud services to communication apps.

As an individual, there's plenty to be concerned about. Want a social media account? Disclose your name and email address, and note that your IP address will be logged. Share your photos, videos, and location with friends. Tie your messaging app to your mobile phone number. Publish your videos on a video-sharing platform, which also happens to have a related calendar and email platform - oh, and they're all owned owned by a company that sells advertising on its search engine.

To protect the privacy of individuals, countries around the world are enacting privacy laws to regulate how businesses collect, use and disclose personal data. As a result, businesses now face enormous challenges in global regulatory compliance in the area of personal data protection - yet, businesses have legitimate reasons for wanting to handle personal data.

From a marketing standpoint, a business may want personal data so it's always selling the right products to the right people at the right times. The business may want to email customers with special offers, do a market research survey with individual follow-ups if certain criteria are met, or get its customers to recommend its brand to their friends.

From an organizational standpoint, businesses may want to maintain HR information on employees and their families so they can provide family benefits, or centralize HR information in an overseas office from which the company's global headquarters operate.

This fully-connected environment comes with risks. Sometimes, despite a business's efforts, something goes wrong and a database gets hacked, credit card information gets leaked, and privacy regulators commence investigations.

Whether you're an individual or a business, local or global, we're here to help you comply with personal data protection regulations and communicate with data protection regulators, so you can navigate the uncharted and ever-changing landscape of privacy regulation.

News and Insights

6 December 2017

The changing nature of data intermediaries

Dharma Sadasivan

I previously wrote about the dual nature of data intermediaries. In that post, I discussed how, under certain circumstances, a data intermediary may simultaneously be an organization in its own right, in relation to a particular set of personal data.

Privacy and photography in Singapore

Dharma Sadasivan

Singapore's privacy regulators, the Personal Data Protection Commission ("PDPC") released advisory guidelines on photography ("Photography Guidelines"), which I think are helpful to photographers, hobbyists, events organizers, bloggers, and generally across the board. I have endeavored to condense the most salient and useful points in this post.

What does "clear and unambiguous consent" mean?

Dharma Sadasivan

Consumers can register their phone numbers on the Do Not Call ("DNC") registry if they don't want to receive telemarketing calls, text messages or, more rarely, faxes. Notwithstanding such registration, organisations can still conduct telemarketing to DNC-registered phone numbers if they first obtain "clear and unambiguous consent".

How can we help you?

Get in touch to see how we can bring a wealth of expertise to your corner. Call us at +65 6899 9888 or contact a specific member of the team.