The Personal Data Protection Commission (“the Commission”) fined Sendtech Pte. Ltd. (“Sendtech”) a penalty of $9,000 through 12 installments following a finding that it had breached its obligations under the Personal Data Protection Act 2021. On 13 February 2021, Sendtech informed the Commission of an unauthorized access to its Amazon Web Services (“AWS”) account through […]
Online Marketplace Vindicated from Cyberattack
On 14 May 2021, Carousell Pte. Ltd. (“Carousell”) informed the Personal Data Protection Commission (“the Commission”) about an incident of unauthorized access to its users’ accounts due to a “credential stuffing” attack. Credential stuffing refers to a type of cyberattack where a cybercriminal accesses user accounts from one organisation using the usernames and passwords stolen […]
Well-Known Software & Technology Company Fined for Erroneous Disclosure of Payroll Information
In its decision dated 30th July 2021, the Personal Data Protection Commission (“the PDPC”) has fined well-known software and technology company, SAP Asia Pte. Ltd. (“SAP”) $13,500 over its breach of its personal data protection obligations under Section 24 of the Personal Data Protection Act (“PDPA”). The Decision follows a complaint received by the PDPC […]
Sporting Goods Company Issued Warning for Data Protection Breach
The Personal Data Protection Commission (“the Commission”) issued a Warning to Specialized Asia Pacific Pte. Ltd. (“SAP”) for breach its personal data protection obligations under Section 24 of the Personal Data Protection Act (“PDPA”). Specialized Asia Pacific Pte. Ltd. is a wholesale company of sporting products and equipment including bicycles and healthcare equipment, established in […]
TAFEP Was Fined $29,000 Over Data Breach
The Tripartite Alliance Limited (TAL), an organisation that oversees the Tripartite Alliance for Fair and Progressive Employment Practices (TAFEP), was fined $29,000 for data breach due to an incident of data hacked and accessed in 2020. TAFEP handles clients’ employment system database as well as provides mediation and counsel in employment-related disputes. Over 12,000 individuals […]
Recent Decisions of the Singapore Personal Data Protection Commission
The Personal Data Protection Commission (“PDPC”) recently meted out financial penalties to two errant entities which were found to be in breach of Section 24 of the Personal Data Protection Act 2012 (“PDPA”). Royal Caribbean Cruises (Asia) Pte. Ltd. Royal Caribbean Cruises (Asia) Pte. Ltd. (the “Organisation”) voluntarily informed the PDPC that the systems of […]
Singapore: Recent Decisions of the Personal Data Protection Commission
The Personal Data Protection Commission (‘PDPC’) carried out certain investigations recently under Section 50(1) of the Personal Data Protection Act 2012 (‘PDPA’), and subsequently issued a warning and financial penalty on the respective errant entities below: L’Oréal Singapore Pte. Ltd., Case No. DP-1812-B3091 L’Oréal Singapore Pte. Ltd. (“L’Oréal”) operated a website which had a login […]
How Start-Ups are Safeguarding against Hazardous Data Privacy Issues
As the digital economy expands at a rapid pace, companies continue to collect massive amounts of data and have come to be more dependent on this data to fuel their businesses. From e-commerce firms to healthtech firms, reams of data amassed from consumers are being used to better their offering of products and services. With […]
Data Exclusivity: Impact of the Malaysia – US FTA
Export oriented policies together with large inflows of Foreign Direct Investment (FDI) have been the main driving force behind Malaysian economic growth. Developed countries have been promoting Free Trade Agreement (FTA) and based on precedent FTAs, the main emphasis is on intellectual property rights, medical technology and pharmaceuticals. After entering into a Free Trade Agreement […]