Singapore:
PDPC Sanctions Food Caterer For Breach Of Protection Obligation
06 December 2016
by
Daniel J. McLoon
,
Mauricio Paez
,
Kevin Lyles
,
Todd McClelland
,
Jeff Rabkin
,
Adam Salter
,
Michiru Takahashi
,
Undine Von Diemar
,
Olivier Haas
,
Jörg Hladjk
,
Richard Johnson
,
Anand Varadarajan
,
Nicole Perry
and
Alexa Sendukas
Jones Day
To print this article, all you need is to be registered or login on Mondaq.com.
On November 4, Singapore's PDPC found that Smiling Orchid Pte. Ltd., a food
caterer, failed to make reasonable security arrangements to prevent
unauthorized access to its customers' personal data on its
website, and the PDPC imposed a S$3,000 penalty for violating the
Personal Data Protection Act of 2012. The PDPC noted that users
were able to access other customers' personal data by altering
the URL of their order preview webpage. The PDPC also directed
Smiling Orchid to conduct a security audit and to patch all
identified webpage vulnerabilities.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Privacy from Singapore
Data Access Laws Update In February
BTG Advaya
This is a brief update on the data access framework in India. The Indian Government has fairly wide powers under extant Indian criminal and IT laws to request for data...
Brief Note On SPDI
Khurana and Khurana
In India there is no such specific laws for protection of Data , the privacy and protection of Data are governed by the IT Act "Information Technology Rules, 2011".