Forum: Reduce exposure of personal data during food delivery process
Sign up now: Get ST's newsletters delivered to your inbox
Follow topic:
Food delivery is no longer a novelty in Singapore. It is a daily utility, relied upon by families, office workers, seniors, and thousands of delivery riders like me who keep the system running.
The delivery platforms manage payments, routing, identity verification and real-time tracking with high levels of technical sophistication. Yet in one key area – user privacy in basic communications – standards remain uneven.
On the foodpanda delivery platform, riders and customers are still required to communicate through direct phone calls that expose their real personal phone numbers. This means a customer’s number is visible to the rider, and the rider’s personal number is visible to the customer during delivery-related contact.
Other major platforms operating in Singapore, including Deliveroo and GrabFood, have already implemented Voice over Internet Protocol or number masking systems, letting necessary communication take place without revealing personal contact details. This shows that privacy-preserving delivery communication is not only technically feasible, but already operational at scale.
From a policy perspective, this matters because telephone numbers are sensitive personal data. Once disclosed, they can be saved, reused, or the person can be contacted again outside the original transaction. Even where no misuse occurs, exposure creates unnecessary risk and discomfort – particularly for vulnerable users.
For delivery riders, the issue is structural. Calling customers is often operationally required to complete an order. Riders therefore have little choice but to disclose their personal phone numbers as part of their work. In effect, individual workers absorb privacy and safety risks that could otherwise be mitigated at the platform level.
Singapore has positioned itself as a leader in digital trust and smart nation governance. Consumer expectations have evolved accordingly. Users increasingly assume that platform-mediated interactions will be designed with privacy safeguards by default, not left to individual discretion or legacy processes.
This is not an argument against operational efficiency, or a call to restrict essential rider-customer communication. It is also not about attributing blame to riders or customers, who are simply using the tools provided to them.
The responsibility for system design lies with platforms, and the role of policymakers is to ensure that prevailing standards keep pace with technological norms and public expectations.
Lee Guan Xing
