Parliament Sitting on 28 November 2022

QUESTION FOR WRITTEN ANSWER

47. Mr Shawn Huang Wei Zhong: To ask the Minister for Communications and Information with rising concerns of tech companies illegally tracking location data for search and advertisement purposes, what are the measures in place to safeguard the privacy and data of users in Singapore.

Answer:


1. Location data can form part of the personal data that organisations collect, if such location data can be used by companies to identify individuals.Location data may be used legitimately, including for search and advertisement purposes, such as when it is anonymised before use, or the organisation has obtained consent. Illegal tracking occurs when organisations fail to obtain consent when required, or obtain consent through misleading or deceptive practices. In such cases, organisations, including tech companies, may be in breach of the Personal Data Protection Act (PDPA). 

2. When organisations collect location data as part of their customers’ personal data, they are required under the PDPA to manage the data responsibly and securely protect them. The PDPC has outlined specific security measures on location data in the Guide to Data Protection Practices for ICT Systems, which organisations are expected to adhere to. For instance, the Guide suggests that organisations could collect approximate location data of users, rather than their exact location. It also suggests that apps provide users with the option to authorise the collection of their location data only when required, rather than on a continuous basis. The PDPC has previously taken companies to task for failure to protect location data.

3. While the PDPA designs safeguards to protect consumers’ personal data, consumers are ultimately the first line of defence to protect their own location data. Location data can be collected by any mobile app developer that has been granted permission to read the GPS sensor on a consumer’s mobile phone. Thus, consumers should exercise caution with regard to the types of apps they download, and the app permissions they consent to.

 

 

Speech by Mrs Josephine Teo, Minister of Communications and Information, at the Global Technology Summit on 1 December 2022 Speeches Personal Data, Others, Cyber Security 01 Dec 22
MCI Response to PQ on Collection of NRIC and Personally Identifiable Information by Security Officers at Commercial and Private Residential Facilities Parliament QAs Personal Data, Others 30 Nov 22
MCI Response to PQ on Measures in Place to Safeguard Privacy and Data of Users against Illegal Tracking by Tech Companies Parliament QAs Personal Data 28 Nov 22
MCI Response to PQ on Publishing Unedited Submissions from Individuals and Industry Players in Public Consultations on Proposed Legislation Parliament QAs Others, Public Comms, Personal Data 28 Nov 22
Speech by Mr Tan Kiat How, Senior Minister of State, Ministry of Communications and Information, at SGTech Global Future Series: Digital Trust Forum on 28 October 2022 Speeches Infocomm Media, Personal Data 28 Oct 22
Speech by Mrs Josephine Teo, Minister for Communications and Information, at The Singapore Computer Society (SCS) Tech3 Forum on 26 Aug 2022 Speeches Others, Cyber Security, Personal Data 26 Aug 22