Breach of the Protection Obligation by Trinity Christian Centre

A recent decision highlights the need to implement reasonable security measures in database servers to safeguard against personal data breaches. On 11 March 2021, Trinity Christian Centre (the “Organisation”) reported a data breach involving ransomware to the Personal Data Protection Commission (“PDPC”). The Organisation sought to expedite proceedings, readily acknowledging the facts and admitting to […]

What to Expect When the Personal Data Protection Act B.E. 2562 Is Fully Enforced in June 2022

Incidents of unauthorized disclosure of personal information to third parties has raised concern over personal data security across the globe. In 2015, the General Data Protection Regulation (“GDPR”) was published, being the first personal data protection law passed to protect all European Union citizens. To comply with international standards, Thailand has adopted the provisions of […]

Recent Decisions of the Singapore Personal Data Protection Commission

The Personal Data Protection Commission (“PDPC”) recently meted out financial penalties to two errant entities which were found to be in breach of Section 24 of the Personal Data Protection Act 2012 (“PDPA”). Royal Caribbean Cruises (Asia) Pte. Ltd. Royal Caribbean Cruises (Asia) Pte. Ltd. (the “Organisation”) voluntarily informed the PDPC that the systems of […]

Singapore: Recent Decisions of the Personal Data Protection Commission

The Personal Data Protection Commission (‘PDPC’) carried out certain investigations recently under Section 50(1) of the Personal Data Protection Act 2012 (‘PDPA’), and subsequently issued a warning and financial penalty on the respective errant entities below: L’Oréal Singapore Pte. Ltd., Case No. DP-1812-B3091 L’Oréal Singapore Pte. Ltd. (“L’Oréal”) operated a website which had a login […]