SINGAPORE Trends and Developments Contributed by: Rajesh Sreenivasan, Steve Tan, Benjamin Cheong and Lionel Tan, Rajah & Tann Singapore LLP
Advisory Guidelines on the Use of Personal Data in AI Recommendation and Decision Systems On 1 March 2024, PDPC published the Advisory Guidelines on using Personal Data in AI Recom - mendation and Decision Systems. It seeks to provide: • clarity on the use of personal data to train or develop AI; • guidance on information to be provided to consumers when seeking consent; • guidance to third-party developers of bespoke systems that embed machine learn - ing models (AI Systems) who may occupy the role of data intermediaries on their obligations under the Personal Data Protection Act 2012 (“PDPA”); and • guidance on best practices to support busi - nesses in their compliance with the PDPA. Advisory Guidelines on Children’s Personal Data in the Digital Environment On 28 March 2024, PDPC issued the Advisory Guidelines on the PDPA for Children’s Person - al Data in the Digital Environment (“Children’s Guidelines”). These guidelines clarify how the PDPA’s data protection provisions apply to chil - dren’s personal data in the digital environment. The Children’s Guidelines apply to organisations whose online products or services are likely to be accessed by children, such as social media services, technology-aided learning, online games, and smart toys or devices. In particular, it provides guidance and best practices to the industry on: • how valid the consent obtained from children may be (an individual who is below 18 years of age);
foreign relations, economy, public health, public safety or public order of Singapore. Classes of regulated entities Creating two new classes of regulated entities, other than CII, which are of national importance – Entities of Special Cybersecurity Interest and Foundational Digital Infrastructure. These enti - ties will be subject to a “light-touch” regulatory treatment. Secure Transactions on Mobile Applications On 10 January 2024, CSA published the “Safe App Standard,” a recommended standard that aims to help local app developers and providers enhance mobile app security. It provides a com - mon benchmark and guidance on the neces - sary security controls and best practices to bet - ter protect mobile apps and end-users against common malware and phishing attempts. Proposed Guide to Synthetic Data Generation Moving to the topic of personal data protec - tion, PDPC has launched a Proposed Guide on Synthetic Data Generation (“SD Guide”) to help organisations understand Synthetic Data (“SD”) generation techniques and potential use cases. SD generation is an increasingly utilised Priva - cy-Enhancing Technology in which artificial data is created to drive the growth of AI / Machine Learning by enabling AI model training while pro - tecting the underlying personal data. However, while SD is generally fictitious data that may not be considered personal data, it still carries the risk of possible re-identification. The Guide thus seeks to address these risks by proposing good practices for generating SD.It also includes risk assessments/considerations, governance controls, contractual processes, and technical measures.
434 CHAMBERS.COM
Powered by FlippingBook