Singapore legislation

Clause 8

Unauthorised re-identification of anonymised information

(1)

If —

(a)

an individual takes any action to re-identify or cause re‑identification of the person to whom anonymised information under the control of a Singapore public sector agency relates;

(b)

the re-identification is not authorised by any data sharing direction given to the Singapore public sector agency;

(c)

the individual is a relevant public official of the Singapore public sector agency at the time of taking that action; and

(d)

the individual does so —

(i)

knowing that the re‑identification is not authorised by that data sharing direction; or

(ii)

reckless as to whether the re‑identification is or is not authorised by that data sharing direction,the individual shall be guilty of an offence and shall be liable on conviction to a fine not exceeding $5,000 or to imprisonment for a term not exceeding 2 years or to both.

(2)

In proceedings for an offence under subsection (1), it is a defence to the charge for the accused to prove, on a balance of probabilities, that —

(a)

the information on the identity is publicly available; or

(b)

the action to re-identify or cause re-identification is —

(i)

permitted or required by or under an Act or other law (apart from this Act); or

(ii)

authorised or required by an order of court.

(3)

In this section —

Definition

“anonymised information” means any information which is in anonymised or de‑identified form;

Definition

“relevant public official” has the meaning given by section 7(5).

Read in full context — Public Sector (Governance) Bill →