Parliament Sitting on 9 November 2022

QUESTION FOR ORAL ANSWER

6. Mr Lim Biow Chuan: To ask the Minister for Communications and Information (a) whether IMDA can do more to educate businesses on the need to protect their customer's data from being hacked; and (b) whether the punishment against illegal hackers of such data can be enhanced.

Answer:

1. Mr Speaker, our laws make clear the obligations that businesses must meet when they collect and store customers’ data.  In addition, the Personal Data Protection Commission (PDPC) and the Cyber Security Agency (CSA) have published resources on their websites to educate organisations, including businesses, on the importance of data protection and cybersecurity.

2. The PDPC’s “Guide to Data Protection Practices for ICT Systems” compiles a set of good data protection practices that organisations can implement. PDPC has also published the common causes of breaches for (a) IT systems and (b) cloud-based applications, so businesses are aware of the risks they face. CSA’s website also has cybersecurity toolkits available for free, to guide organisations on the cybersecurity practices to protect themselves from cyber-attacks and data breaches. 

3. The Government has gone beyond education and raising awareness, and is doing more to encourage businesses to adopt good cybersecurity and data protection measures. Small and Medium Enterprises (SMEs) may participate in the Infocomm Media Development Authority (IMDA) and PDPC’s Data Protection Essentials programme (DPE). It helps them implement baseline data protection and cybersecurity practices such as antivirus, firewall, data backup and encryption, with support from a curated panel of service providers. CSA has also launched the Cyber Trust and Cyber Essentials marks, which businesses can apply for and be recognised for good cybersecurity practices. 

4. Unauthorised access to computer material is punishable under the Computer Misuse Act ("CMA”). Perpetrators are liable, upon conviction, for a fine not exceeding $5,000 or imprisonment for a term not exceeding two years or both. Knowingly obtaining or dealing in personal information that had been obtained through unauthorised access is also punishable under the CMA, with a fine of up to $10,000 or imprisonment up to three years, or both. Penalties are more severe for a second or subsequent conviction.

5. These two offences under the CMA are also listed as serious offences under the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act. Persons who knowingly acquire, possess, use, conceal or transfer the benefits of such offences, or assist another to retain such benefits, are liable to a fine not exceeding $500,000 or to imprisonment for a term not exceeding 10 years or to both. The Courts can also confiscate any benefit arising from both offences under this Act. 

6. The Government takes illegal hacking very seriously and will ensure our laws remain effective in the development of a safe and secure cyberspace. Notwithstanding these penalties, it is ultimately the responsibility of businesses to be vigilant and adopt proper cybersecurity and data protection measures to keep their customers’ data safe. 
MCI directs IMDA to issue Access Blocking Orders to Asia Sentinel for Non-compliance with Correction Direction Press Releases Public Comms, Others 02 Jun 23
Speech by Dr Janil Puthucheary, Senior Minister of State, Ministry of Communications and Information, at SingPost Open House on 1 June 2023 Speeches Personal Data, Infocomm Media 01 Jun 23
Developing Singapore into an Open and Trusted Global AI Hub Press Releases Cyber Security, Digital Readiness 31 May 23
Speech by Mr Tan Kiat How, Senior Minister of State, Ministry of Communications and Information at the “Overcoming the Financial Sector’s AIDA Talent Shortage: Roadmap for 2023 and Beyond” event on 22 May 2023 Speeches Digital Defence, Cyber Security, Digital Readiness 22 May 23
Speech by Mrs Josephine Teo, Minister for Communications and Information, at the launch of "Stewardship of the Singapore Media Staying on Course" on 16 May 2023 Speeches Others, Infocomm Media 16 May 23
MCI Response to PQ on Steps to Protect Consumers and Businesses from Losses due to Disruption of Digital Services by Service Providers Parliament QAs Digital Readiness, Digital Defence 09 May 23
MCI Response to PQ on Ensuring Development and Maintenance of Ethical Artificial Intelligence Standards Parliament QAs Cyber Security, Digital Readiness 09 May 23
MCI Response to PQ on Regulatory Framework for Artificial Intelligence Governance in Singapore Parliament QAs Cyber Security, Government Technology 21 Apr 23
Transcript of Welcome Remarks by Mrs Josephine Teo, Minister for Communications and Information, at SingPost’s Buka Puasa on 13 Apr 2023 Speeches Others 13 Apr 23
Addendum to the President's Address Speeches, Parliament QAs Cyber Security, Digital Readiness, Infocomm Media, Public Comms, Libraries 12 Apr 23
Transcript of Comments Made by Mrs Josephine Teo, Minister for Communications and Information and Minister-in-charge of Smart Nation and Cybersecurity, at Panel Session on “Cyber Strategy and Digital Governance – Protecting Sovereignty and Building Resilience” of The Sydney Dialogue, on 5 Apr 2023 Speeches Cyber Security, Government Technology, Infocomm Media 05 Apr 23
Transcript of Opening Remarks by Mr Tan Kiat How, Senior Minister of State, Ministry of Communications and Information, at the public engagement on Launch at Punggol Regional Library, on 3 April 2023 Speeches Libraries 03 Apr 23
Speech by Mrs Josephine Teo, Minister for Communications and Information, at the launch of the 2023 Edition of Dell’s MentorConnect Programme on 31 March 2023 Speeches Cyber Security, Digital Defence, Digital Readiness, Others 31 Mar 23
MCI Response to PQ on Reports of Protection from Online Falsehoods and Manipulation Act Offences Related to COVID-19 Parliament QAs Public Comms, Others, Cyber Security 22 Mar 23
MCI Response to PQ on Guidelines on Use of Vernacular Languages for Wayfinding Signs and Public Address Systems in Healthcare Institutions and MRT Stations Parliament QAs Public Comms 21 Mar 23
MCI Response to PQ on Local Workforce's Ability to Meet Current Demand for Artificial Intelligence Skills Parliament QAs Cyber Security, Digital Readiness 20 Mar 23
Poll by MCI finds 7 in 10 Singapore Residents Positive about their Overall Quality of Life Post-Pandemic Press Releases Others 19 Mar 23
MCI Response to PQ on Steps Taken to Monitor and Prevent Messages of Extremist Ideologies and Radicalisation from Propagating in Online Gaming Platforms Parliament QAs Infocomm Media, Public Comms 03 Mar 23
MCI Response to PQ on Training for Service Staff at Telecommunications Companies to Spot Possible Scams Targeted at Customers from Vulnerable Groups Parliament QAs Public Comms, Infocomm Media, Digital Readiness 03 Mar 23
MCI Response to PQ on Number of Requests to View Government Records Yet to be Declassified Since 2010 Parliament QAs Libraries, Public Comms, Personal Data, Others 01 Mar 23
Speech by Mr Tan Kiat How, Senior Minister of State, Ministry of Communications and Information, at the Ministry of Communications and Information Committee of Supply Debate on 28 February 2023 Speeches Cyber Security, Digital Defence, Digital Readiness, Government Technology, Infocomm Media, Libraries, Personal Data, Public Comms 28 Feb 23
Speech by Dr Janil Puthucheary, Senior Minister of State Ministry of Communications and Information at the Ministry of Communications and Information,Committee of Supply Debate on 28 February 2023 Speeches Cyber Security, Digital Defence, Digital Readiness, Government Technology, Infocomm Media, Libraries, Personal Data, Public Comms, Others 28 Feb 23
Speech by Mrs Josephine Teo, Minister of Communications and Information, at the Ministry of Communications and Information Committee of Supply Debate on 28 February 2023 Speeches Cyber Security, Digital Defence, Digital Readiness, Government Technology, Infocomm Media, Libraries, Personal Data, Public Comms 28 Feb 23
Empowering Our Businesses and Individuals in a Digital World Press Releases Others, Cyber Security, Digital Defence, Digital Readiness, Government Technology, Infocomm Media, Libraries, Personal Data, Public Comms 28 Feb 23