Singapore:
PDPC Sanctions Food Caterer For Breach Of Protection Obligation
06 December 2016
by
Daniel J. McLoon
,
Mauricio Paez
,
Kevin Lyles
,
Todd McClelland
,
Jeff Rabkin
,
Adam Salter
,
Michiru Takahashi
,
Undine Von Diemar
,
Olivier Haas
,
Jörg Hladjk
,
Richard Johnson
,
Anand Varadarajan
,
Nicole Perry
and
Alexa Sendukas
Jones Day
To print this article, all you need is to be registered or login on Mondaq.com.
On November 4, Singapore's PDPC found that Smiling Orchid Pte. Ltd., a food
caterer, failed to make reasonable security arrangements to prevent
unauthorized access to its customers' personal data on its
website, and the PDPC imposed a S$3,000 penalty for violating the
Personal Data Protection Act of 2012. The PDPC noted that users
were able to access other customers' personal data by altering
the URL of their order preview webpage. The PDPC also directed
Smiling Orchid to conduct a security audit and to patch all
identified webpage vulnerabilities.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Privacy from Singapore
New Data Protection Rules In South Korea
Ius Laboris
The Amended Enforcement Decree introduces specific rules that were delegated by the March 2023 amendments to the Personal Information Protection Act, which also came into effect on March 15, 2024.
The Digital Personal Data Protection Act, 2023: A Deep Dive
Spice Route Legal
Over the years, India has seen various iterations of a draft data protection law. In August 2023, the Digital Personal Data Protection Act, 2023 was passed by the Indian parliament. It is expected to come into effect in a phased manner.