Asia's Leading Law & Technology Review

Category: Data Privacy Page 1 of 3

The value of differential privacy in establishing an intermediate legal standard for anonymisation in Singapore’s data protection landscape

Reading time: 11 minutes

Written by Nanda Min Htin | Edited by Josh Lee

We’re all law and tech scholars now, says every law and tech sceptic. That is only half-right. Law and technology is about law, but it is also about technology. This is not obvious in many so-called law and technology pieces which tend to focus exclusively on the law. No doubt this draws on what Judge Easterbrook famously said about three decades ago, to paraphrase: “lawyers will never fully understand tech so we might as well not try”.

In open defiance of this narrative, LawTech.Asia is proud to announce a collaboration with the Singapore Management University Yong Pung How School of Law’s LAW4032 Law and Technology class. This collaborative special series is a collection featuring selected essays from students of the class. Ranging across a broad range of technology law and policy topics, the collaboration is aimed at encouraging law students to think about where the law is and what it should be vis-a-vis technology.

This piece, written by Nanda Min Htin, seeks to examine the value of differential privacy an establishing an intermediate legal standard for anonymisation in Singapore’s data protection landscape. Singapore’s data protection framework recognizes privacy-protected data that can be re-identified as anonymised data, insofar as there is a serious possibility that this re-identification would not occur. As a result, such data are not considered personal data in order to be protected under Singapore law. In contrast, major foreign legislation such as the GDPR in Europe sets a clearer and stricter standard for anonymised data by requiring re-identification to be impossible; anything less would be considered pseudonymized data and would subject the data controller to legal obligations. The lack of a similar intermediate standard in Singapore risks depriving reversibly de-identified data of legal protection. One key example is differential privacy, a popular privacy standard for a class of data de-identification techniques. It prevents the re-identification of individuals at a high confidence level by adding random noise to computational results queried from the data. However, like many other data anonymization techniques, it does not completely prevent re-identification. This article first highlights the value of differential privacy in exposing the need for an intermediate legal standard for anonymization under Singapore data protection law. Then, it explains how differential privacy’s technical characteristics would help establish regulatory standards for privacy by design and help organizations fulfil data breach notification obligations. 

Is the PDPA really sufficient to protect our data?

Reading time: 14 minutes

Written by Moo Wen Si, Amelia | Edited by Josh Lee

We’re all law and tech scholars now, says every law and tech sceptic. That is only half-right. Law and technology is about law, but it is also about technology. This is not obvious in many so-called law and technology pieces which tend to focus exclusively on the law. No doubt this draws on what Judge Easterbrook famously said about three decades ago, to paraphrase: “lawyers will never fully understand tech so we might as well not try”.

In open defiance of this narrative, LawTech.Asia is proud to announce a collaboration with the Singapore Management University Yong Pung How School of Law’s LAW4032 Law and Technology class. This collaborative special series is a collection featuring selected essays from students of the class. Ranging across a broad range of technology law and policy topics, the collaboration is aimed at encouraging law students to think about where the law is and what it should be vis-a-vis technology.

This piece, written by Moo Wen Si, Amelia, seeks to examine the sufficiency of the PDPA in today’s world. In a technologically advanced world where e-commerce, cloud computing and data mining are flourishing, data has become one of the most valuable assets in the economy. This has raised concerns as to whether our data is being fully protected from misuse and the remedial actions available in cases of data breaches. In response, the Singapore Parliament enacted the Personal Data Protection Act 2012 (“PDPA”) seeking to protect individuals’ data from misuse by organisations in the private sectors. The PDPA, aimed to be a comprehensive data protection law, is however severely lacking in the protection it affords to individuals. This paper seeks to argue how the PDPA is insufficient to protect one’s data from being misused and the limited recourse that individuals have even when their data privacy has been compromised. 

Legal Implications of Digital Surveillance: Individual Protection

Reading time: 14 minutes

Written by Lim Hong Wen, Amelia | Edited by Josh Lee

We’re all law and tech scholars now, says every law and tech sceptic. That is only half-right. Law and technology is about law, but it is also about technology. This is not obvious in many so-called law and technology pieces which tend to focus exclusively on the law. No doubt this draws on what Judge Easterbrook famously said about three decades ago, to paraphrase: “lawyers will never fully understand tech so we might as well not try”.

In open defiance of this narrative, LawTech.Asia is proud to announce a collaboration with the Singapore Management University Yong Pung How School of Law’s LAW4032 Law and Technology class. This collaborative special series is a collection featuring selected essays from students of the class. Ranging across a broad range of technology law and policy topics, the collaboration is aimed at encouraging law students to think about where the law is and what it should be vis-a-vis technology.

This piece, written by Lim Hong Wen, Amelia, seeks to analyse three key concerns that may arise from the use of digital surveillance, in particular, the issue of privacy, harassment, and algorithmic bias. This paper then examine how the four modalities expounded by Lawrence Lessig will come into play in regulating the use of digital surveillance (i.e. the law, architecture, social norms, and the market). Part II first explores the developments in the use of digital surveillance by the state, employers, and individuals. Digital surveillance has since transformed over the years and current laws may be insufficient in protecting individuals against certain unwanted forms of digital surveillance. Part III of this paper identified the inadequacies of current laws to address the key concerns identified earlier (i.e. privacy, harassment, and algorithmic bias). Given the lack of legal recourse available, Part IV then analyzed how the use or misuse of digital surveillance can be regulated by the remaining three modalities (i.e. the architecture, social norms, and the market).

TechLaw.Fest 2020 Cyber Edition – A virtually transformative conference experience

Reading time: 11 minutes

By Josh Lee | Edited by Elizaveta Shesterneva

Supported by: Lenon Ong, Utsav Rakshit, Benjamin Peck, Ong Chin Ngee, Tristan Koh

“In a year when a certain pesky virus turned the world upside down, how can a conference engage, encapsulate and elaborate upon all of the disruption seen in one year?”

This must have been the key question on the minds of the planners of TechLaw.Fest 2020, as they went about organising Asia’s largest law and technology conference. What followed was a signature conference held with a virtually (pun intended) uniquely signature.

In this article, LawTech.Asia will take our readers on a quick recap of TechLaw.Fest 2020, as we look forward to another exciting edition of TechLaw.Fest in 2021. LawTech.Asia is grateful for our ongoing strategic media partnership with the Singapore Academy of Law (“SAL”), and for the opportunity to be a media partner for TechLaw.Fest once again.

Regulation of legal technology in Singapore – Issues, international scans, and ideas

Reading time: 15 minutes

Written by Cindy Chua (Associate Author) | Mentored by Josh Lee | Reviewed by Joey Pang

LawTech.Asia is proud to conclude the third run of its popular Associate Author (2020) Programme. The aim of the Associate Authorship Programme is to develop the knowledge and exposure of student writers in the domains of law and technology, while providing them with mentorship from LawTech.Asia’s writers and tailored guidance from a respected industry mentor.

In partnership with the National University of Singapore’s alt+law and Singapore Management University’s Legal Innovation and Technology Club, five students were selected as Associate Authors. This piece, written by Cindy Chua and reviewed by industry reviewer Joey Pang (DBS), marks the fifth and final thought piece in this series. It examines the various issues arising from the use of commonly seen legal technologies in Singapore, and conducts an international scan of legal technology regulatory pictures in several jurisdictions before proposing a potential way forward for Singapore.

Page 1 of 3

Powered by WordPress & Theme by Anders Norén