Personal Data Protection: Singapore to Enforce DNC Registry

The Do-Not-Call (DNC) registry is an attempt by the Singapore government to protect the data of the citizens from unsolicited telemarketing calls and messages. This month, the Singapore parliament passed the Personal Data Protection Bill which safeguards an individual’s personal data from being misused. The bill encompasses the national Do-Not-Call registry while a new enforcement agency, the Personal Data Protection Commission (PDPC), has been tasked to regulate how businesses manage personal data. The commission will also have the power to impose financial penalties in case of violations reported by consumers.

Similar guidelines have been already adopted by many countries including USA and India. The DNC registry gives consumers the opportunity to limit the number of telemarketing calls received. It allows them to have more control over messages, calls, and notifications they receive on their phone.

What the DNC registry entails

nIn the guidelines set for the DNC registry, the Bill prohibits organizations from sending messages which promote or advertise a good or service to DNC-registered Singapore telephone numbers, including mobile, fixed line, residential, and business numbers. The Registry focuses on telemarketing calls or messages of a commercial nature sent to consumers. Messages for pure market survey or research, promotion of charitable or religious causes, personal messages sent by individuals, public messages sent by government agencies, and political messages will not be covered under the DNC provisions. Telemarketing calls or messages of a commercial nature that target other businesses are also excluded from the DNC provisions.

Registrations are set to commence by December 2013 and the Bill will be enforceable from January 2014. Till then, organizations have been given time to review and adopt internal personal data protection policies and practices which comply with the guidelines and provisions relating to the DNC Registry. The Bill applies to all organizations across the private sector, but does not cover the public sector which has an existing set of data protection rules with which all public officers must comply.

The National Do-Not-Call Registry will be created by early 2014. The registry prohibits organizations from sending specified messages to any Singapore telephone number registered with the DNC, unless the owner of the telephone number has given consent to be contacted for marketing purposes. If an organization is non-compliant, the PDPC may impose a maximum financial penalty of S$1 million (US$818,150). Companies found to have violated the data protection rule may be fined up to S$10,000 (US$8,181) per customer complaint.

Consumer is king

customerCustomers can still choose to receive marketing messages by certain organizations, simply by giving them a clear and unambiguous consent in written or other accessible form. Organizations that have been granted customers consent may then send marketing messages to their Singapore telephone number, even if it is registered with the DNC Registry. The Bill gives the consumer the option of withdrawing consent from the organization in case they change their mind (subject to existing contracts).

This long overdue Bill is part of the Singapore Data Protection Law. The PDPC, as part of the Personal Data Protection Act hopes to promote greater awareness of the importance of personal data protection in Singapore. Telemarketers will now have to comply with all the guidelines or face heavy fines. This enactment should hopefully create a climate of consumer-focused marketing instead of bothersome, unsolicited campaigns.