Singapore's Personal Data Protection Act took another significant step with its first reading in Parliament yesterday.
After a lengthy process from the time legislation was first mooted, this step indicates the passing of the bill should be just around the corner.
One key provision is the new section covering the transfer of data outside Singapore. The new Section 26 provides that an organization is not permitted to transfer data outside Singapore "except in accordance with requirements prescribed under this Act to ensure that organizations provide a standard of protection to personal data".
The approach is more principle-based rather than an assessment of the laws under the foreign jurisdiction, as is the case with the EU. However, compliance does fall upon the sending organization to ensure a comparable level of protection in the receiving organization with the Singapore Act.