Parliament: Data breaches disclosed to people affected on case-by-case basis: Janil

Yip Wai Yee
Taiwan Correspondent
Updated
Mar 01, 2019, 06:37 AM
Published
Mar 01, 2019, 05:00 AM

Public agencies in Singapore will approach citizen data breaches on a case-by-case basis, Dr Janil Puthucheary, Senior Minister of State for Communications and Information and Transport, said in Parliament yesterday.

"There are guidelines about how public sector officials should handle the matter of a data breach involving citizens' particulars... There is no absolute requirement," he said in his reply to questions from MPs on the standards for disclosing public sector-related data breaches.

"We do need to look at every case, and we do need to look at the issue at hand as to what has been accessed, what are the circumstances and what the potential impact would be on the citizen to be involved in that process thereafter," said Dr Janil, who is in charge of the Government Technology Agency (GovTech).

Workers' Party chairman Sylvia Lim (Aljunied GRC) had asked whether affected citizens have the right to know, and in a timely manner, if their data has been compromised while in the care of public agencies. Nominated MP Walter Theseira had also asked similar questions.

Even though there is no mandatory reporting requirement, there are guidelines on how citizens should be approached.

"The situation needs to be taken on a case-by-case basis and all the factors that are relevant need to be taken into account," he added, during the debate on the budget for the Prime Minister's Office, which GovTech comes under.

Ms Lim cited the case of a police station inspector who, in February 2016, had illegally accessed the computer system at his workplace to check on the phone records of a man whom he suspected of having an affair with his wife. The case was made public last month.

More On This Topic
41 cases of personal data loss reported by Government in past three years, says DPM Teo Chee Hean
All eyes on steps to protect personal data
The big task - instilling a culture of taking cyber security seriously

Dr Janil assured the House that the Government has increased the number and types of internal IT audits to check on agencies' data protection measures.

Among the implemented measures is the disabling of USB ports to keep out unauthorised devices.

"We will continually review our standards and measures, and will incorporate lessons learnt and industry's best practices," he said.

Should citizens suspect their data has been misused or hacked, they can complain to GovTech, or make a police report if a crime is suspected. "Complaints will be thoroughly investigated and appropriate action taken," he said.

More On This Topic
All eyes on steps to protect personal data
The big task - instilling a culture of taking cyber security seriously

Join ST's WhatsApp Channel and get the latest news and must-reads.

A version of this article appeared in the print edition of The Straits Times on March 01, 2019, with the headline Data breaches disclosed to people affected on case-by-case basis: Janil. Subscribe

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top