Jurisdiction - Singapore
Singapore – Key Issues For Your Business In 2015: Technology, Media & Telecommunications.

10 March, 2015


IDA Public Consultation – Enhancing Mobile Competition

On 22 April 2014, IDA issued a public consultation on “Proposed Allocation of Spectrum for International Mobile Telecommunications (IMT) and IMT-Advanced Services and Options to Enhance Mobile Competition”. Through this public consultation, IDA is exploring approaches for facilitating the entry of Mobile Virtual Network Operators (“MVNOs”) into Singapore, thereby enhancing competition. In IDA’s 4G spectrum auction in 2013, IDA had set aside spectrum for a new mobile network operator to enter the market. Although no new operator came in, IDA remains open to facilitating the entry of new players into the mobile market.

The proposed liberalisation will likely see both local startups and major foreign telcos seeking an entry to still profitable and growing segments such as data access, and revisiting niche telecoms models such as the MVNO market. Existing telcos will continue to look at diversifying their revenue generation, such as by moving more aggressively into digital media and mobile applications.

On 12 December 2014, IDA released its Decision to allow the deployment of 4G and IMT-Advanced systems and services in the 3G bands, prior to the expiry of the 3G Spectrum Rights in 2021, with immediate effect. IDA is assessing the responses to the rest of the public consultation, and is targeting to release its decision in early 2015.


Outsourcing involves the wholesale delegation of specific service lines to an external vendor, which requires complex outsourcing agreements that cover the transition of services to the vendor, together with assessment against detailed service levels. The outsourcing arrangement may also involve the transfer of personnel, physical hardware and leases over premises — specialist skills in these areas may be required for drafting and negotiation.


Regulatory issues are still very much in the frame; for example, the MAS Outsourcing Guidelines (last updated 1 July 2005) and Technology Risk Management Notice and Guidelines. In September 2014, MAS issued Consultation Papers on the Notice on Outsourcing and Guidelines on Outsourcing, seeking comments on the proposed draft Notice and Guidelines. The draft Notice defines a set of minimum standards for outsourcing management, such as assessment and audits of service providers, protection of customer data, and termination of the outsourcing arrangement. The updated Guidelines provide further guidance on sound practices relating to the “Responsibility of the Board and Senior Management” and “Monitoring and Control of Outsourcing Arrangements”.

Personal Data Protection Act — Enforcement

The PDPA was introduced in 2012 as a baseline legislation to govern the collection, use and disclosure of personal data in Singapore. The provisions of the PDPA relating to the Do Not Call (“DNC”) Registry came into effect on 2 January 2014 and the data protection provisions on 2 July 2014.With the PDPA now in full swing, the Personal Data Protection Commission (“PDPC”) is actively investigating numerous complaints and businesses may have to defend enforcement actions taken by the PDPC.

On 27 August 2014, Star Zest Home Tuition Pte Ltd and its director, Law Han Wei, were the first offenders to be fined SGD 39,000 each, for breaching the DNC provisions. On 20 October 2014, property agent Kuan Chow Sheng was fined SGD 27,000, also for breaching the DNC provisions.

2015 will be a year where data security and personal data usage concerns will feature prominently, if recent data breaches and hacking incidents, both in Singapore and around the world, are any indication to go by. All Singapore organisations, not limited to those in highly regulated industries, would need to seriously factor in data related compliance measures into their operations, especially with the maximum SGD 1m fine that comes with a breach of the data protection provisions. For consumer facing businesses, with ever greater emphasis on digital technology, e-commerce, data mining and analysis to extract value from data collected, with the objective of guiding business and marketing decisions, designing privacy and data security into day-to-day operations and new projects will be extremely important.


With the recent highly publicised data security breaches through hacking (or insider incidents), companies have no choice but to prioritise cybersecurity. Any unauthorised access that results in confidential data or personal data being accessed by third parties may result in criminal investigations, penalties imposed by Personal Data Protection regulators, reputational damage and civil liabilities.

Companies will need to manage their security systems, as well as continue to raise awareness among their employees to mitigate any risks. Companies that have a regional footprint will face added pressures because the sharing of data among related entities is essential to maintain a competitive edge, yet this increases the risks of unauthorised access. There is a need to prepare a contingency plan in advance, so as to deal effectively with any breach, minimise the reputational damage and manage any civil liabilities.

The setting up of the Cyber Security Agency (“CSA”) of Singapore under the auspices of the Prime Minister’s Office is a noteworthy development. In addition to providing dedicated and centralised oversight of national cyber security functions, the CSA will also work closely with the private sector to develop Singapore’s cyber security eco-system. Organisations would be well advised to ensure that they are ready to comply with all and any directions that may be issued by the CSA in the coming months on cybersecurity threats and countermeasures.


Rajah & Tann


For further information, please contact:


Rajesh Sreenivasan, Partner, Rajah & Tann

[email protected]


Steve Tan, Partner, Rajah & Tann

[email protected]


Rajah & Tann TMT Practice Profile in Singapore


Homegrown TMT Firms in Singapore


Comments are closed.