MCI's response to PQ on Do-Not-Call related offences under the Personal Data Protection Act
Parliament Sitting on 29 February 2016
QUESTION FOR ORAL ANSWER
17. Mr Zainal Sapari: To ask the Minister for Communications and Information (a) what is the number of complaints that the Personal Data Protection Commission has received since the implementation of the Personal Data Protection Act on Do-Not-Call related offences; (b) how many companies have been convicted or have had their offences compounded; and (c) whether public education efforts have been effective in educating businesses with regard to compliance of the Act.
The Do Not Call (or DNC) rules under the Personal Data Protection Act came into effect on 2 January 2014. Over the past 2 years, the Personal Data Protection Commission, or PDPC, has received about 9,700 valid public complaints against some 1,500 companies. A majority of these companies were from the Property, Retail, and Financial sectors.
2 PDPC's investigation revealed that most companies who flouted the DNC rules did not clearly understand the requirements of the rules and how to comply with them. Given that it was still early days of the Act and most complaints involved one-off breaches, PDPC issued advisory notices and warnings to about 3,000 organisations. These were meant to provide useful guidance to these companies on specific steps to be taken, in order to comply with the DNC rules.
3 For the more egregious cases, PDPC prosecuted two organisations, Star Zest Home Tuition and its director, and a salesperson from Huttons Asia in 2014. They continued to send multiple, unsolicited telemarketing messages to numbers listed in the DNC Registry, despite being notified by PDPC not to do so. In addition, two others had their offences compounded in lieu of prosecution, given that the breaches were not as serious.
4 The PDPC has also received some 26,500 complaints on messages relating to illegal activities, such as unlicensed money lending and illegal gambling. As these activities come under the purview of the Police, PDPC has been referring such complaints to the Police.
5 The PDPC has been proactive in its public education and outreach efforts to organisations and members of the public. PDPC has conducted briefings and workshops for organisations to explain how the Act would apply to various types of businesses and what organisations would need to do to ensure compliance. PDPC’s online e-learning and educational resources have also been helpful, especially for smaller organisations. PDPC also collaborates with other agencies such as the Law Society of Singapore and SPRING’s SME Centres to offer advice and consultation services to smaller businesses.
6 As of end 2015, the PDPC has engaged more than 23,000 participants from some 7,500 organisations. These efforts have allowed organisations to gain a better understanding of the Act, which has helped reduce the number of DNC complaints in 2015 by more than 50%.
7 I would like to assure the House that PDPC will continue to engage organisations, raise awareness, and facilitate compliance of the Act. Organisations which require any guidance or advice can approach PDPC.