Asia's Leading Law & Technology Review

Tag: GDPR

The value of differential privacy in establishing an intermediate legal standard for anonymisation in Singapore’s data protection landscape

Reading time: 11 minutes

Written by Nanda Min Htin | Edited by Josh Lee Kok Thong

We’re all law and tech scholars now, says every law and tech sceptic. That is only half-right. Law and technology is about law, but it is also about technology. This is not obvious in many so-called law and technology pieces which tend to focus exclusively on the law. No doubt this draws on what Judge Easterbrook famously said about three decades ago, to paraphrase: “lawyers will never fully understand tech so we might as well not try”.

In open defiance of this narrative, LawTech.Asia is proud to announce a collaboration with the Singapore Management University Yong Pung How School of Law’s LAW4032 Law and Technology class. This collaborative special series is a collection featuring selected essays from students of the class. Ranging across a broad range of technology law and policy topics, the collaboration is aimed at encouraging law students to think about where the law is and what it should be vis-a-vis technology.

This piece, written by Nanda Min Htin, seeks to examine the value of differential privacy an establishing an intermediate legal standard for anonymisation in Singapore’s data protection landscape. Singapore’s data protection framework recognizes privacy-protected data that can be re-identified as anonymised data, insofar as there is a serious possibility that this re-identification would not occur. As a result, such data are not considered personal data in order to be protected under Singapore law. In contrast, major foreign legislation such as the GDPR in Europe sets a clearer and stricter standard for anonymised data by requiring re-identification to be impossible; anything less would be considered pseudonymized data and would subject the data controller to legal obligations. The lack of a similar intermediate standard in Singapore risks depriving reversibly de-identified data of legal protection. One key example is differential privacy, a popular privacy standard for a class of data de-identification techniques. It prevents the re-identification of individuals at a high confidence level by adding random noise to computational results queried from the data. However, like many other data anonymization techniques, it does not completely prevent re-identification. This article first highlights the value of differential privacy in exposing the need for an intermediate legal standard for anonymization under Singapore data protection law. Then, it explains how differential privacy’s technical characteristics would help establish regulatory standards for privacy by design and help organizations fulfil data breach notification obligations. 

Is the PDPA really sufficient to protect our data?

Reading time: 14 minutes

Written by Moo Wen Si, Amelia | Edited by Josh Lee Kok Thong

We’re all law and tech scholars now, says every law and tech sceptic. That is only half-right. Law and technology is about law, but it is also about technology. This is not obvious in many so-called law and technology pieces which tend to focus exclusively on the law. No doubt this draws on what Judge Easterbrook famously said about three decades ago, to paraphrase: “lawyers will never fully understand tech so we might as well not try”.

In open defiance of this narrative, LawTech.Asia is proud to announce a collaboration with the Singapore Management University Yong Pung How School of Law’s LAW4032 Law and Technology class. This collaborative special series is a collection featuring selected essays from students of the class. Ranging across a broad range of technology law and policy topics, the collaboration is aimed at encouraging law students to think about where the law is and what it should be vis-a-vis technology.

This piece, written by Moo Wen Si, Amelia, seeks to examine the sufficiency of the PDPA in today’s world. In a technologically advanced world where e-commerce, cloud computing and data mining are flourishing, data has become one of the most valuable assets in the economy. This has raised concerns as to whether our data is being fully protected from misuse and the remedial actions available in cases of data breaches. In response, the Singapore Parliament enacted the Personal Data Protection Act 2012 (“PDPA”) seeking to protect individuals’ data from misuse by organisations in the private sectors. The PDPA, aimed to be a comprehensive data protection law, is however severely lacking in the protection it affords to individuals. This paper seeks to argue how the PDPA is insufficient to protect one’s data from being misused and the limited recourse that individuals have even when their data privacy has been compromised. 

LawTech.Asia Interview with Chris Strand, IntSights COO

Reading time: 6 minutes

Written by Elizaveta Shesterneva and Ong Chin Ngee | Edited by Utsav Rakshit and Josh Lee

Recently, LawTech.Asia had the exclusive opportunity to interview Christopher Strand, the Chief Compliance Officer at IntSights. IntSights is a cybersecurity company with offices in the United States, Singapore, Japan, Israel and Netherlands. Christopher shared with us his views on cyber threat intelligence, data privacy and various regulatory developments in this area.

TechLaw.Fest 2020 Quick Chats: Dr Ian Walden, Professor of Information and Communications Law at Queen Mary University of London; Director of Centre for Commercial Law Studies

Reading time: 8 minutes

Interview by Josh Lee, Lenon Ong and Elizaveta Shesterneva | Edited by Josh Lee

TechLaw.Fest 2020 (“TLF”) will take place online from 28 September – 2 October 2020, becoming the virtual focal point for leading thinkers, leaders and pioneers in law and technology. In the weeks leading up to TLF, the LawTech.Asia team will be bringing you regular interviews and shout-outs covering some of TLF’s most prominent speakers and the topics they will be speaking about.

This week, LawTech.Asia received the exclusive opportunity to interview Dr Ian Walden, Professor of Information and Communications Law and Queen Mary University of London and the Director of the Centre for Commercial Law Studies. Ian will be speaking at a panel on “Global Perspectives on Tackling AI Governance” on the second day of TLF (29 September 2020).

TechLaw.Fest 2019 Quick Chats: William Deckelman, Executive Vice President, General Counsel and Secretary of DXC Technology

Reading time: 7 minutes

Interview by Andrew Wong, Ong Chin Ngee, Lenon Ong | Edited by Josh Lee

TechLaw.Fest 2019 will take place from 5 to 6 September 2019 in Singapore, bringing together the movers and shakers in the space of law and technology. In these few weeks leading up to TechLaw.Fest, the LawTech.Asia team will be bringing you regular interviews and shout-outs covering prominent speakers and the topics they will be speaking at TechLaw.Fest.

This week, LawTech.Asia received the exclusive opportunity to interview William Deckelman, Executive Vice President, General Counsel and Secretary of DXC Technology. William will be kicking off Day 2 of TechLaw.Fest 2019 with a thematic lecture on security and connectivity.

Powered by WordPress & Theme by Anders Norén