Security questions addressed as data sharing law among public agencies comes into play

Security questions addressed as data sharing law among public agencies comes into play

Channel NewsAsia·2018-01-09 03:15

The Public Sector (Governance) Bill sets out the parameters for data to be shared within the Government, and who is responsible for securing the information.

File photo of someone using a mouse. (Photo: AFP/GREG BAKER)

SINGAPORE: Even as rules relating to data sharing within the Singapore Government were formalised on Monday (Jan 8), following the passing of the Public Sector (Governance) Bill in Parliament, Minister in charge of public service innovation Ong Ye Kung sought to address security concerns raised by MPs. 

The Public Service Division said in its media factsheet that the Bill formalises how and when agencies share information with each other, with seven purposes set out in the legislation. The reasons are:

To uphold and promote the values of the Singapore public sector

To secure economies or efficiencies for the Singapore public sector

To improve (directly or indirectly) the efficiency or effectiveness of policies, programme management or service planning and delivery by Singapore public sector agencies (whether by carrying out data analytics work or otherwise)

To ensure business continuity

To ensure accountable and prudent stewardship of Singapore public sector finances and resources

To manage risks to the financial position of the Government

To support a whole-of-government approach in the discharge of the Singapore public sector agencies’ function

Mr Ong, who is also Education Minister (Higher Education and Skills), said in his parliamentary speech on Monday that these rules are backed up amendments to the Civil Service’s internal guidelines which, in effect, state that identifiable personal data is shared when services need to be better delivered to the individual, while non-identifiable data is shared to improve policy analysis, planning and formulation.

“MUCH GOOD CAN BE GOTTEN”

With this in place, the public service is positioned to better serve the public, both in front-line service and using the data for analysis and to develop policies and programmes as part of the country's Smart Nation ambitions, he said.

NMP Chia Yong Yong agreed with Mr Ong’s assessment on the potential of data sharing within the public sector, saying in Parliament that “much good can be gotten, if used wisely”. Agencies could build more holistic profiles of citizens and thus deliver better service with the data available to them, she noted.

This would be particularly helpful to one of the five strategic national projects – Moments of Life - outlined by the Smart Nation and Digital Government Office last August. The agency said the initiative would look to bundle services and information online according to what citizens may need at different key life moments, such as starting a family and raising a child in the early years. 

Deputy Chief Executive of the Government Technology Office Chan Cheow Hoe hinted at things to come last September, when he talked about how the Government has changed its approach to delivering services to citizens.

“The datasets help us a lot ... (for instance) predicting that if you have a baby, there are really 15 services that you need. You don't have to go to 15 agencies - we should serve it to you," Mr Chan said then.  

Mr Ong was keen to highlight that even when data that can be tied to a person is shared among agencies, there will be discretion. For instance, if someone applies for financial support, the data shared among agencies could possibly be if the applicant meets the financial requirements, and not how much they earn, he explained.

Data would also be anonymised for areas such as policy or estate planning, the minister said. When deciding to build a seniors activity centre, for example, city planners will need the number of seniors living in any particular area, rather than the specific data of individual seniors.

CRIMINAL PENALTIES INTRODUCED FOR DATA MISUSE

Mr Ong also noted the new law will also look to address the issue of responsibility when it comes to dealing with people’s data. Previously, the agency requesting the data would use it but it is the owner that is responsible and accountable for the security of the data.

“This Bill will correct this asymmetry, and makes clear that it is the user that will be accountable for the protection and safeguarding of data passed to them,” the minister said, who added the new law is “aligned” with the Personal Data Protection Act (PDPA).

The data sharing regime also brings into force criminal penalties such as fines and jail terms should there be the unauthorised disclosure and improper use of information and the unauthorised re-identification of anonymised information.

For instance, if a public servant is found guilty of unauthorised disclosure, the person will be liable to a fine of up to S$5,000, or jail of up to two years, or both.

PSD did note that information currently protected by specific legislation, such as the Income Tax Act, Banking Act and Statistics Act, will continue to be protected and not affected by this Bill. 

……

Read full article on Channel NewsAsia

Singapore Policy Cybersecurity parliament