Parliament Sitting on 9 November 2022

QUESTION FOR ORAL ANSWER

6. Mr Lim Biow Chuan: To ask the Minister for Communications and Information (a) whether IMDA can do more to educate businesses on the need to protect their customer's data from being hacked; and (b) whether the punishment against illegal hackers of such data can be enhanced.

Answer:

1. Mr Speaker, our laws make clear the obligations that businesses must meet when they collect and store customers’ data.  In addition, the Personal Data Protection Commission (PDPC) and the Cyber Security Agency (CSA) have published resources on their websites to educate organisations, including businesses, on the importance of data protection and cybersecurity.

2. The PDPC’s “Guide to Data Protection Practices for ICT Systems” compiles a set of good data protection practices that organisations can implement. PDPC has also published the common causes of breaches for (a) IT systems and (b) cloud-based applications, so businesses are aware of the risks they face. CSA’s website also has cybersecurity toolkits available for free, to guide organisations on the cybersecurity practices to protect themselves from cyber-attacks and data breaches. 

3. The Government has gone beyond education and raising awareness, and is doing more to encourage businesses to adopt good cybersecurity and data protection measures. Small and Medium Enterprises (SMEs) may participate in the Infocomm Media Development Authority (IMDA) and PDPC’s Data Protection Essentials programme (DPE). It helps them implement baseline data protection and cybersecurity practices such as antivirus, firewall, data backup and encryption, with support from a curated panel of service providers. CSA has also launched the Cyber Trust and Cyber Essentials marks, which businesses can apply for and be recognised for good cybersecurity practices. 

4. Unauthorised access to computer material is punishable under the Computer Misuse Act ("CMA”). Perpetrators are liable, upon conviction, for a fine not exceeding $5,000 or imprisonment for a term not exceeding two years or both. Knowingly obtaining or dealing in personal information that had been obtained through unauthorised access is also punishable under the CMA, with a fine of up to $10,000 or imprisonment up to three years, or both. Penalties are more severe for a second or subsequent conviction.

5. These two offences under the CMA are also listed as serious offences under the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act. Persons who knowingly acquire, possess, use, conceal or transfer the benefits of such offences, or assist another to retain such benefits, are liable to a fine not exceeding $500,000 or to imprisonment for a term not exceeding 10 years or to both. The Courts can also confiscate any benefit arising from both offences under this Act. 

6. The Government takes illegal hacking very seriously and will ensure our laws remain effective in the development of a safe and secure cyberspace. Notwithstanding these penalties, it is ultimately the responsibility of businesses to be vigilant and adopt proper cybersecurity and data protection measures to keep their customers’ data safe. 
Speech by Minister Josephine Teo at the launch of Temus's Step IT Up Programme on 26 January 2023 Speeches Digital Readiness, Cyber Security 26 Jan 23
The Korea-Singapore Digital Partnership Agreement enters into force Press Releases Government Technology, Others, Digital Defence, Cyber Security 13 Jan 23
MCI Response to PQ on Funding to Persons Providing Commentary on Social Media Platforms in Support of Government Policies Parliament QAs Public Comms, Infocomm Media 10 Jan 23
MCI Response to PQ on Increasing Low-income Families' Take-up of Internet Access Scheme Parliament QAs Digital Readiness 10 Jan 23
MCI Response to PQ on Policy on Use of Dialect Languages on Radio and Television Channels Parliament QAs Public Comms, Infocomm Media 10 Jan 23
MCI Response to PQ on Increase in SingPost Postage and Delivery Service Rates Parliament QAs Others 09 Jan 23
MCI Response to PQ on Annual Spending on Advertisement on Traditional and Online Media from 2011 to 2021 Parliament QAs Public Comms 09 Jan 23
Speech by Mr Tan Kiat How, Senior Minister of State, Ministry of Communications and Information, at NTU Wee Kim Wee School of Communication and Information Panel Discussion event on 9 Jan 2023 Speeches Public Comms, Infocomm Media 09 Jan 23
Speech by Senior Minister of State, Dr Janil Puthucheary at the techUK Digital Ethics Summit 2022 on 7 Dec 2022 Speeches Cyber Security, Digital Readiness, Government Technology, Others 07 Dec 22
Speech delivered by Mr Tan Kiat How, Senior Minister of State, Ministry of Communications and Information, at Asia TV Forum & Market | ScreenSingapore (7 Dec 2022) Speeches Infocomm Media 07 Dec 22
Securing AI Collaborations between Singapore and Republic of Korea Press Releases Cyber Security, Digital Readiness, Government Technology, Others 06 Dec 22
Speech by Mrs Josephine Teo, Minister of Communications and Information, at the Global Technology Summit on 1 December 2022 Speeches Personal Data, Others, Cyber Security 01 Dec 22
MCI Response to PQ on Collection of NRIC and Personally Identifiable Information by Security Officers at Commercial and Private Residential Facilities Parliament QAs Personal Data, Others 30 Nov 22
MCI Response to PQ on Assessment of Risk and Impact of Quantum Computing Technology and Efforts to Ensure Encrypted Digital Records and Communications Networks Remain Secure Parliament QAs Digital Readiness, Others, Government Technology 29 Nov 22
MCI Response to PQ on Measures in Place to Safeguard Privacy and Data of Users against Illegal Tracking by Tech Companies Parliament QAs Personal Data 28 Nov 22
MCI Response to PQ on Mitigation Strategy to Deal with Cellular Phone Jams at Large-scale Crowd Events Parliament QAs Public Comms, Digital Readiness 28 Nov 22
MCI Response to PQ on Measures to Improve Service Quality of Poor Performing Telcos Parliament QAs Others, Digital Readiness 28 Nov 22
MCI Response to PQ on Publishing Unedited Submissions from Individuals and Industry Players in Public Consultations on Proposed Legislation Parliament QAs Others, Public Comms, Personal Data 28 Nov 22
Opening Remarks by PS Joseph Leong for the 3rd Singapore-China (Shenzhen) Smart City Initiative Joint Implementation Committee Meeting on 25 November 2022 Speeches Infocomm Media, Others 25 Nov 22
Eight MOUs signed at the Third Singapore-China (Shenzhen) Smart City Initiative Joint Implementation Committee Meeting Press Releases Infocomm Media, Others 25 Nov 22
Speech by Mrs Josephine Teo, Minister for Communications and Information, at the AiSP South-East Asia Cybersecurity Consortium Forum on 23 November 2022 Speeches Cyber Security 23 Nov 22
Speech by Mrs Josephine Teo, Minister for Communications and Information, at the 5th DataGovAi Webinar eSummit & eAwards on 22 Nov 2022 Speeches Cyber Security, Others 22 Nov 22
Singapore and the Republic of Korea sign the Korea-Singapore Digital Partnership Agreement Press Releases Cyber Security, Others, Digital Defence 21 Nov 22
Speech by Mr Tan Kiat How, Senior Minister of State, Ministry of Communications and Information, at the Launch of Meta’s ‘Art Reimagined Singapore’ on 17 Nov 2022 Speeches Infocomm Media, Others 17 Nov 22