Responsive image

Data Privacy



Follow Our Latest COVID-19 Updates

THAILAND: COVID-19: Postponed Implementation Deadline for Personal Data Protection Act

On 19 May 2020, the Thai Cabinet approved in principle a proposal made by the Ministry of Digital Economy and Society to provide a one-year long postponement of the effective date of key operative provisions of the Personal Data Protection Act B.E. 2562 (2019) ("PDPA") from 27 May 2020 to 31 May 2021 ("New Effective Date"). This move comes as good news for companies struggling to implement their personal data protection regimes by the original 27 May 2020 date. For example, by the New Effective Date, companies are required to ensure they obtain consent from the Data Subject prior to or at the time of any collection, use, or disclosure of Personal Data, except where consent is not required under the PDPA or pursuant to any other laws.

This Update highlights the implications of the postponement, as well as the key features of the PDPA

Thailand | Data Privacy | 20 May 2020
MALAYSIA: Processing Personal Data in the Context of COVID-19 and the Movement Control Order

In light of the COVID-19 outbreak in Malaysia, organisations will likely face questions in respect of their right to share and disclose personal data of employees, customers and visitors to their premises (in particular, after the end of the Movement Control Order when business resumes as usual) for the purpose of contact tracing or to take other response measures.

In this client update, we explore the possible legal grounds for the collection, disclosure and retention of personal data under the Personal Data Protection Act 2010 in the context of the COVID-19 outbreak.

Malaysia | Data Privacy | 08 April 2020
SINGAPORE: In Containing COVID-19 and Complying with the PDPA: Practical Tips

As part of the DORSCON Orange risk assessment, organisations have started implementing precautionary measures to minimise the risk of further transmission of COVID-19, including requiring visitors and employees to fill in health declaration forms to enable ease of contract tracing. When implementing these measures, organisations should be aware that large amounts of personal data may be amassed, and hence should pay particular attention in complying with the Personal Data Protection Act 2012 ("PDPA"). The Personal Data Protection Commission has released an "Advisory on Collection of Personal Data for COVID-19 Contact Tracing" on 13 February 2020 ("Advisory") to provide some guidance in this regard. In this Update, we look at the key aspects of the Advisory and how organisations can ensure compliance with the PDPA.

Singapore | Data Privacy | 12 March 2020


List show all articles in Data-Privacy Subject Matter. Click here to see recent 5 articles.