357
edits
SGPolitico (talk | contribs) No edit summary |
SGPolitico (talk | contribs) No edit summary |
||
Line 34: | Line 34: | ||
=== Privacy Concerns and Exemptions === | === Privacy Concerns and Exemptions === | ||
The controversy drew further scrutiny when it was revealed that ACRA, as a statutory board, is exempt from the Personal Data Protection Act (PDPA), which governs the collection, use, and disclosure of personal data by private organisations. | The controversy drew further scrutiny when it was revealed that ACRA, as a statutory board, is exempt from the [https://sso.agc.gov.sg/Act/PDPA2012 Personal Data Protection Act] (PDPA), which governs the collection, use, and disclosure of personal data by private organisations. | ||
This exemption meant ACRA faced no penalties for exposing full NRIC numbers, unlike private entities, which are held to stricter standards. | This exemption meant ACRA faced no penalties for exposing full NRIC numbers, unlike private entities, which are held to stricter standards. | ||
Line 42: | Line 42: | ||
The PDPA explicitly requires organisations to implement '''“reasonable security arrangements”''' for sensitive personal data like NRIC numbers. | The PDPA explicitly requires organisations to implement '''“reasonable security arrangements”''' for sensitive personal data like NRIC numbers. | ||
The Advisory Guidelines on PDPA for NRIC and Other National Identification Numbers, introduced in 2018, was removed from the Personal Data Protection Commission’s (PDPC) website. A notice on the page stated: ''“The document is temporarily unavailable as it is undergoing updates.”'' | |||
[[File:PDPC guidelines 2018.png|thumb|PDPC guidelines 2018]] | |||
=== Media Coverage and Public Statements === | === Media Coverage and Public Statements === |