Rajah & Tann Contributes to Personal Data Protection Digest 2022 – “Achieving Accountability through Data Protection by Design”
Steve Tan, Deputy Head of the Rajah & Tann Singapore Technology, Media & Telecommunications Practice, and Senior Associate Justin Lee contributed an article titled “Achieving Accountability through Data Protection by Design” to the Personal Data Protection (“PDP“) Digest 2021.
In light of the accelerated economic digitalisation triggered by the COVID-19 pandemic, there is a burgeoning bias for many businesses towards digital data being their key asset. Data protection by design (“Data Protection by Design“) is, in essence, the application of data protection principles right from the start when coming out with a new product or solution, or when an organisation undertakes activities involving the processing of personal data. The article discusses some key areas of guidance extracted from recent Personal Data Protection Commission (“PDPC“) enforcement decisions, in order for organisations to better understand how the practice of Data Protection by Design could have averted potential breaches of the Personal Data Protection Act (“PDPA“). An example is the application of the principle of end-to-end security across the various stages in the life cycle of development and use of information and communication technology (ICT) systems.
The PDP Digest is owned and put together by the PDPC, Singapore’s main authority in matters relating to personal data protection. This year’s edition of the Digest compiles perspectives from data protection practitioners on a variety of topics relating to the latest amendments to the PDPA, as well as other topics broadly on (a) the regulation of data collection, use and disclosure; (b) the data protection responsibilities of organisations; and (c) the obligations owed by organisations to data subjects.