Users need to scrutinise what data is shared through MyInfo
Sign up now: Get ST's newsletters delivered to your inbox
At least 1,000 digital services offered by government agencies and businesses are integrated with MyInfo.
PHOTO: LIANHE ZAOBAO FILE
Follow topic:
SINGAPORE - Like many banks and insurance firms, dating platform Coffee Meets Bagel (CMB) uses government records to verify its users.
CMB users authenticate themselves through Singpass to retrieve from MyInfo their NRIC number or Foreign Identification Number, date of birth, marital status and gender. The information is used by CMB for verification purposes.
According to GovTech, more than 300,000 transactions are performed daily using MyInfo, a service that allows users to fill in digital forms with their personal data drawn from government databases. At least 1,000 digital services offered by government agencies and businesses are integrated with MyInfo.
GovTech requires companies to submit a “user journey” document to show how the government digital services will be used.
Companies that want to integrate their online services with Singpass’ login function will be assessed on a case-by-case basis, according to Singpass’ website. Companies are also advised not to request more personal data than needed from MyInfo to carry out their services.
“This is aligned with the guidelines of the Personal Data Protection Act (PDPA), which instructs the collection of personal data in an appropriate manner for the circumstances,” according to Singpass’ website. “Each request will be reviewed prior to approval.”
GovTech declined to specify how it assesses requests from companies and what due diligence is conducted to prevent the over-collection of data.
In Singapore, the PDPA governs the collection and use of personal data. Users who have concerns about the ways their personal data is handled can lodge their complaints on the Personal Data Protection Commission’s website
Users are advised they still need to scrutinise the type of information that they share via MyInfo.
“It generally is a good practice for users to be more aware about what they are acceding to before they consent to their data being shared,” said Mr Josh Lee, managing director (Asia-Pacific) at the Future of Privacy Forum and senior research affiliate at the SMU Centre for Digital Law.
Many people are unaware of the risks of giving away too much personal information, said Nanyang Technological University (NTU) associate professor Hannah Yee-Fen Lim.
Sensitive data that falls into the wrong hands can lead to harms such as fraud and identity theft.
“If they know the capabilities of data processing technologies, and how easily and how much harm can result, they may take a less cavalier attitude when giving away their own personal data,” said Prof Lim, who teaches courses on law and technology at NTU.
