SINGAPORE Law and Practice Contributed by: Lim Chong Kin, Drew & Napier LLC
7.2 Service Agreements and Interconnection Agreements
able and well-trained personnel responsible for ensuring information security. In cases where the contract for IT services is with an FI, for instance, the organisation should be aware that FIs in Singapore are also subject to the regulations and guidelines promulgated by the MAS. These regulations and guidelines include but are not limited to the MAS’s Guide - lines on Outsourcing, Notice on Technology Risk Management, Notice on Cyber Hygiene, and Technology Risk Management Guidelines, which, amongst other things, may require FIs to exercise strong oversight of arrangements with third-party service providers to ensure system resilience and maintain data confidentiality and integrity. As a result, organisations entering into IT service agreements with FIs may need to include applicable provisions in relation to the conduct of security audits and reporting with regard to breaches or cyber-attacks. Data Localisation In Singapore, there are no express laws in rela - tion to data localisation or data residency. The PDPC has notably taken a stance against data localisation and emphasised the importance of the free flow of data through coherent and effi - cient cross-border data transfer mechanisms. Where the IT service agreement involves a cross- border transfer of personal data (eg, the storage of data in the cloud or in a data centre located outside of Singapore, or if the solution involves cloud computing), the organisation should also consider compliance with cross-border data transfer requirements under the PDPA and PDPR; see 2.1 Highly Regulated Industries and Data Protection (Specific Issues Regard - ing Personal Data Protection) for more details on the transfer limitation obligation and specific issues for CSPs.
While telecommunications licensees are free to negotiate favourable terms in interconnection and access agreements, the IMDA regulates interconnection and access issues pursuant to the TMCC. The TMCC provides that FBO licen - sees and SBO licensees using switching or rout - ing equipment to provide services to the public are under a general duty to interconnect with one another. Interconnection agreements must be submitted to the IMDA. While the IMDA generally does not involve itself in interconnection nego - tiations between non-dominant licensees, an interconnection agreement between non-dom - inant licensees must nevertheless fulfil certain minimum interconnection duties as specified in the TMCC, and the IMDA reserves the right to reject an interconnection agreement between non-dominant licensees that does not fulfil the requirements. Licensees have a duty to co-operate in good faith and in a commercially reasonable manner in implementing the terms of their interconnec - tion agreements, avoiding unnecessary disputes and resolving any disputes promptly and fairly. The IMDA generally recognises that interconnec - tion agreements are private contracts between licensees, and will not involve itself in disputes arising from interconnection agreements where both parties are non-dominant licensees. Licensees who wish to interconnect with domi - nant licensees may generally do so under one of three options: • pursuant to a reference interconnection offer (RIO) approved by the IMDA; • on the same prices, terms and conditions that a dominant licensee has agreed to with another similarly situated licensee; or
420 CHAMBERS.COM
Powered by FlippingBook