“We don’t want to shock the system. The approach we took was very graduated. If you look back, even though the [Personal Data Protection Act or PDPA] took effect in 2014, it was passed much earlier in 2012. There was an 18-month ‘sunrise period’,” says Yeong in an interview with The Edge Singapore.
While the collection, use and disclosure of data is regulated by the Personal Data Protection Act, businesses should take an accountability-based approach in this area rather than merely complying with regulations
SINGAPORE (May 13): The Personal Data Protection Commission has always preferred to have conversations with businesses rather than take strict enforcement measures. This approach is to ensure that there is a fundamental shift in the general treatment of personal data, says Yeong Zee Kin, deputy commissioner of the PDPC.
