Some condo laws prevail over data protection needs

Condominiums in the Ardmore Park area.
Condominiums in the Ardmore Park area.PHOTO: ST FILE

Info on home owners that is publicly available can be displayed on voter lists

When it comes to protecting your personal data, there is a limit to what owners can do if their personal information is available to the public and the management at their private estate chooses to display it.

This emerged after unit owners at three private estates took issue with their individual management corporations (MCs) and managing agents displaying their personal information, including addresses, on notice boards and a website which can be accessed by many others.

All three cases were brought to the Personal Data Protection Commission, which issued a consolidated decision on Monday because of a few identical issues involved.

The commission said the managing agents and MCs were covered by the Building Maintenance and Strata Management Act (BMSMA), which authorises and requires the names of people entitled to vote at a general meeting to be displayed.

This is because other laws like BMSMA prevail over data protection obligations under the Personal Data Protection Act 2012 (PDPA).

The commission acknowledged that the BMSMA did not note that residents' unit numbers and voting shares may be disclosed in voter lists, along with other details.

But it said that as such data was publicly available, it can be disclosed without obtaining consent or notification, as in this case. The commission said such data can be found in the strata roll generally available to the public, and there are few restrictions under BMSMA when it comes to accessing the strata roll.

The issue came to light after the management of condos Prive in Punggol, The Mornington in St Michael's Road and Seletaris in Sembawang displayed owners' names, unit numbers and voting shares via voter lists. The commission received the complaints last year.

Three Prive residents had complained that the managing agent had posted copies of the voter list containing their details on notice boards and the Prive EC Web portal, without notifying residents or getting their consent.

At Mornington, a resident took issue with the management corporation for leaving a voter list with their details on the publicly accessible notice board for about two months, which was allegedly longer than necessary after the council meeting was held.

And at Seletaris, a unit owner questioned the need for multiple display of the data on at least two notice boards and for keeping it there for an "unnecessarily long period of time" of two days. He also complained that the data was used without consent or notice.

Under the PDPA, disclosure required notifying and obtaining the consent of the affected parties. But the BMSMA trumps protection of personal data. And this applies even to minutes of meetings.

The commission said it is "implicit" that a full and accurate recording of the meeting can contain relevant personal data. But "this position should not be construed to mean that MCs and managing agents may include personal data of their residents without restriction".

The commission stressed that any data recorded in such minutes should be necessary to the proceedings, and if not, the commission may take appropriate enforcement action. It also said keeping the voter list on display for two months was "not so unreasonably long".

A version of this article appeared in the print edition of The Straits Times on June 17, 2017, with the headline 'Some condo laws prevail over data protection needs'. Print Edition | Subscribe