Search for:

On 9 October 2019, the Personal Data Protection Commission (“PDPC“) revised Chapter 6 (Organisations) and Chapter 15 (Access and Correction Obligations) and introduced a new Chapter 8 on cloud services in the Advisory Guidelines on the PDPA for Selected Topics (“Guidelines“). The Guidelines, while not legally binding, reflects the PDPC’s approach in interpreting the Personal Data Protection Act.

In response to the increasing use of cloud services by organisations, the new Chapter 8 offers more clarity on the responsibilities of cloud service providers and organisations using cloud services to process personal data. Updates to Chapter 6 provide more clarity on the roles of an organisation and its data intermediary with regards to safeguarding personal data while updates to Chapter 15 focus on access requests by data subjects.

Please download the full alert for a summary of the PDPC’s updates to the Guidelines.





Anne Petterd is a partner in Baker McKenzie's Singapore office. Anne Petterd focuses on technology, telecommunications, customs and export controls, and consumer and commercial law issues. Much of her practice involves online, telecommunications and IT businesses as well as defence and government procurement. She previously worked with the Australian Government Solicitor. She also worked in Baker McKenzie's London office for 18 months and seconded to major telecommunications and information technology service providers.