• Home
  • About RSIS
    • Introduction
    • Building the Foundations
    • Welcome Message
    • Board of Governors
    • Staff Profiles
      • Executive Deputy Chairman's Office
      • Dean's Office
      • Management
      • Distinguished Fellows
      • Faculty and Research
      • Associate Research Fellows, Senior Analysts and Research Analysts
      • Visiting Fellows
      • Adjunct Fellows
      • Administrative Staff
    • Honours and Awards for RSIS Staff and Students
    • RSIS Endowment Fund
    • Endowed Professorships
    • Career Opportunities
    • Getting to RSIS
  • Research
    • Research Centres
      • Centre for Multilateralism Studies (CMS)
      • Centre for Non-Traditional Security Studies (NTS Centre)
      • Centre of Excellence for National Security (CENS)
      • Institute of Defence and Strategic Studies (IDSS)
      • International Centre for Political Violence and Terrorism Research (ICPVTR)
    • Research Programmes
      • National Security Studies Programme (NSSP)
      • Science and Technology Studies Programme (STSP)
      • Studies in Inter-Religious Relations in Plural Societies (SRP) Programme
    • Research @ RSIS
  • Graduate Education
    • Graduate Programmes Office
    • Overview
    • MSc (Asian Studies)
    • MSc (International Political Economy)
    • MSc (International Relations)
    • MSc (Strategic Studies)
    • NTU-Warwick Double Masters Programme
    • PhD Programme
    • Exchange Partners and Programmes
    • How to Apply
    • Financial Assistance
    • Information Sessions
    • RSIS Alumni
  • Alumni & Networks
    • Alumni
    • Asia Pacific Programme for Senior Military Officers (APPSMO)
    • Asia-Pacific Programme for Senior National Security Officers (APPSNO)
    • SRP Executive Programme
    • Terrorism Analyst Training Course (TATC)
  • Publications
    • RSIS Publications
      • Annual Reviews
      • Books
      • Bulletins and Newsletters
      • Commentaries
      • Counter Terrorist Trends and Analyses
      • Commemorative / Event Reports
      • Interreligious Relations
      • Monographs
      • NTS Insight
      • Policy Reports
      • Working Papers
      • RSIS Publications for the Year
    • Glossary of Abbreviations
    • External Publications
      • Authored Books
      • Journal Articles
      • Edited Books / Special Issues
      • Chapters in Edited Books
      • Working Papers
      • Op-Eds
      • External Publications for the Year
    • Policy-relevant Articles Given RSIS Award
  • Media
    • Topical Issues
    • COVID-19 Resources
    • Media Highlights
    • News Releases
    • Speeches
    • Video Library
  • Events
  • Giving
  • Contact Us
Facebook
Twitter
YouTube
RSISVideoCast RSISVideoCast rsis.sg
Linkedin
instagram instagram rsis.sg
RSS
  • Home
  • About RSIS
      • Introduction
      • Building the Foundations
      • Welcome Message
      • Board of Governors
      • Staff Profiles
        • Executive Deputy Chairman's Office
        • Dean's Office
        • Management
        • Distinguished Fellows
        • Faculty and Research
        • Associate Research Fellows, Senior Analysts and Research Analysts
        • Visiting Fellows
        • Adjunct Fellows
        • Administrative Staff
      • Honours and Awards for RSIS Staff and Students
      • RSIS Endowment Fund
      • Endowed Professorships
      • Career Opportunities
      • Getting to RSIS
  • Research
      • Research Centres
        • Centre for Multilateralism Studies (CMS)
        • Centre for Non-Traditional Security Studies (NTS Centre)
        • Centre of Excellence for National Security (CENS)
        • Institute of Defence and Strategic Studies (IDSS)
        • International Centre for Political Violence and Terrorism Research (ICPVTR)
      • Research Programmes
        • National Security Studies Programme (NSSP)
        • Science and Technology Studies Programme (STSP)
        • Studies in Inter-Religious Relations in Plural Societies (SRP) Programme
      • Research @ RSIS
  • Graduate Education
      • Graduate Programmes Office
      • Overview
      • MSc (Asian Studies)
      • MSc (International Political Economy)
      • MSc (International Relations)
      • MSc (Strategic Studies)
      • NTU-Warwick Double Masters Programme
      • PhD Programme
      • Exchange Partners and Programmes
      • How to Apply
      • Financial Assistance
      • Information Sessions
      • RSIS Alumni
  • Alumni & Networks
      • Alumni
      • Asia Pacific Programme for Senior Military Officers (APPSMO)
      • Asia-Pacific Programme for Senior National Security Officers (APPSNO)
      • SRP Executive Programme
      • Terrorism Analyst Training Course (TATC)
  • Publications
      • RSIS Publications
        • Annual Reviews
        • Books
        • Bulletins and Newsletters
        • Commentaries
        • Counter Terrorist Trends and Analyses
        • Commemorative / Event Reports
        • Interreligious Relations
        • Monographs
        • NTS Insight
        • Policy Reports
        • Working Papers
        • RSIS Publications for the Year
      • Glossary of Abbreviations
      • External Publications
        • Authored Books
        • Journal Articles
        • Edited Books / Special Issues
        • Chapters in Edited Books
        • Working Papers
        • Op-Eds
        • External Publications for the Year
      • Policy-relevant Articles Given RSIS Award
  • Media
      • Topical Issues
      • COVID-19 Resources
      • Media Highlights
      • News Releases
      • Speeches
      • Video Library
  • Events
  • Giving
  • Contact Us
  • instagram instagram rsis.sg
Connect

Getting to RSIS

Map

Address

Nanyang Technological University
Block S4, Level B3,
50 Nanyang Avenue,
Singapore 639798

View location on Google maps Click here for directions to RSIS

Get in Touch

Connect with Us

  rsis.ntu
  rsis_ntu
  rsisntu
RSISVideoCast RSISVideoCast rsisvideocast
  school/rsis-ntu
instagram instagram rsis.sg
  RSS
Subscribe to RSIS Publications
Subscribe to RSIS Events

RSIS Intranet

S. Rajaratnam School of International Studies S. Rajaratnam School of International Studies Ponder The Improbable Since 1966
Nanyang Technological University Nanyang Technological University

Skip to content

 
  • RSIS
  • Publication
  • RSIS Publications
  • The Right of Privacy: Death By a Thousand Data Cuts?
  • Annual Reviews
  • Books
  • Bulletins and Newsletters
  • Commentaries
  • Counter Terrorist Trends and Analyses
  • Commemorative / Event Reports
  • Interreligious Relations
  • Monographs
  • NTS Insight
  • Policy Reports
  • Working Papers
  • RSIS Publications for the Year

CO19052 | The Right of Privacy: Death By a Thousand Data Cuts?
Teo Yi-Ling

22 March 2019

download pdf
RSIS Commentary is a platform to provide timely and, where appropriate, policy-relevant commentary and analysis of topical and contemporary issues. The authors’ views are their own and do not represent the official position of the S. Rajaratnam School of International Studies, NTU. These commentaries may be reproduced with prior permission from RSIS and due recognition to the author(s) and RSIS. Please email to Mr Yang Razali Kassim, Editor RSIS Commentary at [email protected]

SYNOPSIS

Singapore has the goal of creating a digital data-driven ecosystem that will enable its “Smart Nation” vision, which promises to positively transform the way its citizens and residents live and do business. What does this mean in terms of citizens’ privacy rights?

COMMENTARY

SINGAPORE’S APPROACH to data privacy protection is not the human rights-centric approach favoured by the European Union. It is also not the threat-based technology response that has driven reform in the United States. It is largely motivated by the forces of globalisation. And the necessity of adopting standards that will instil trust in its state entities, and allow for seamless integration into global networks.

In line with its Smart Nation vision, Singapore is being positioned as a trusted international data and analytics hub. It is where data flows in and out of the country will be enabled. Singapore’s participation in the Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules (CBPR) and the APEC Privacy Recognition for Processors (PRP) was approved in February 2018. The APEC CBPR System requires participating businesses to implement data privacy policies consistent with the APEC Privacy Framework (Framework).

The Right to be Left Alone

Essentially, the Framework seeks to provide for the protection of personal data by CBPR members. This is done while facilitating regional information transfers to benefit individual consumers, businesses, and governments.

It is also necessary to remember that alongside its obligations under the Framework, Singapore is a member state of the ASEAN Human Rights Declaration, which provides at Art 21:

“Every person has the right to be free from arbitrary interference with his or her privacy, family, home or correspondence including personal data, or to attacks upon that person’s honour or reputation. Every person has the right to protection of the law against such interference or attacks.”

This right to privacy – also defined as the right to be left alone − was enshrined to protect people from interference by state authorities and private persons, except by sanction of law. Classically, two concepts of privacy are mental (or communicational) privacy and informational privacy.

The former is explained as the ability to be alone with one’s thoughts, wishes and feelings, to record these in written or electronic form, and to communicate the same to persons of one’s choosing, without being eavesdropped upon or suffering other sorts of psychological intrusion.

The latter is described as protection for personal information which is legitimately (according to law and with the owner’s consent and knowledge) held by public and private entities. This is on condition that disclosure of this information to third parties is prohibited.

Profiteering from Interference

With so much of modern life being driven by personal data, it is difficult to say that people are “free from arbitrary interference” as regards their privacy. Now the entities that appear to be interfering with these types of privacy are not so much state authorities, but businesses and their marketing efforts.

Enabled by algorithm-driven apps and the major social media platforms, they track every move and decision people make online (via their PCs and mobile devices) and predict behaviours. Location tracking is just one example of such interference. This industry had its roots in creating app customisation for smartphone users by providing advertising for nearby businesses.

A smartphone contains its user’s contacts, call logs, memos, text and instant messages, images, videos, and GPS data. As smartphone and other mobile device use is commonplace and tracking technology is becoming increasingly accurate, this industry has grown capabilities in data collection and analysis, based on surveilling people’s day-to-day activities.

The outcome of this is increasing intrusiveness. This is where high volumes of targeted unsolicited advertising are being received by people via their smartphones, or on social media.

It is not as though people are ignorant of the fact that apps are tracking their movements: location companies make no secret that when location services are enabled by smartphone users, their data is easily collected.

Smoke and Mirrors?

Notwithstanding this, the explanations provided by apps about use of data − when users are prompted about granting location access − are often imprecise, oversimplified, or misleading.

An app may inform users that providing access to their location will then allow them to receive some specific information. But it may not explicitly disclose that collected data will be shared with or sold to third parties: advertisers, retail businesses; even financial institutions and hedge funds that invest in technology start-ups.

That disclosure is often found in a broadly-phrased, often non-negotiable privacy policy that is not immediately accessible to users, or may require clumsy toggling between online interfaces for access.

Even if these businesses maintain that they are only keen on understanding patterns of behaviour that the data may reveal, and not user identities per se, there is something egregious about this:

They keep users in the dark about how their data is exploited, denying them the ability to give informed consent or otherwise to such exploitation, and then use this data to intrude upon them digitally with volumes of unsolicited advertising, in the name of “personalisation” of information.

Preventing the Digital Erosion of Privacy

So it is not just the spectre of data breaches that the APEC states should be concerned about as threats to their citizens’ privacy. It is also this seemingly cavalier attitude taken by businesses in what effectively amounts to wholesale dealing in personal data. Surely there has to be increased enforcement against such activity, or even the creation of more focused legislation as well.

With the progress of time and technology, it appears that privacy is being swiftly eroded. It is sobering to think that with digitisation, the notion of privacy (and its related right) may inadvertently cease to be a viable one.

It remains to be seen how Singapore and other APEC member reckon with the challenge of balancing their digital business ecosystem goals, with domestic laws and treaty obligations concerning privacy and data protection.

If cyber security protections for the personal data economy are not meaningfully enforced, consumer trust in engaging with online services, whether provided by the private or public sector, will suffer.

About the Author

Teo Yi-Ling is a Senior Fellow with the Cyber and Homeland Defence Programme of the Centre of Excellence for National Security (CENS) at the S. Rajaratnam School of International Studies (RSIS), Nanyang Technological University (NTU), Singapore.

Categories: Commentaries / Country and Region Studies / Cybersecurity, Biosecurity and Nuclear Safety / Singapore and Homeland Security

Last updated on 22/03/2019

RSIS Commentary is a platform to provide timely and, where appropriate, policy-relevant commentary and analysis of topical and contemporary issues. The authors’ views are their own and do not represent the official position of the S. Rajaratnam School of International Studies, NTU. These commentaries may be reproduced with prior permission from RSIS and due recognition to the author(s) and RSIS. Please email to Mr Yang Razali Kassim, Editor RSIS Commentary at [email protected]

SYNOPSIS

Singapore has the goal of creating a digital data-driven ecosystem that will enable its “Smart Nation” vision, which promises to positively transform the way its citizens and residents live and do business. What does this mean in terms of citizens’ privacy rights?

COMMENTARY

SINGAPORE’S APPROACH to data privacy protection is not the human rights-centric approach favoured by the European Union. It is also not the threat-based technology response that has driven reform in the United States. It is largely motivated by the forces of globalisation. And the necessity of adopting standards that will instil trust in its state entities, and allow for seamless integration into global networks.

In line with its Smart Nation vision, Singapore is being positioned as a trusted international data and analytics hub. It is where data flows in and out of the country will be enabled. Singapore’s participation in the Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules (CBPR) and the APEC Privacy Recognition for Processors (PRP) was approved in February 2018. The APEC CBPR System requires participating businesses to implement data privacy policies consistent with the APEC Privacy Framework (Framework).

The Right to be Left Alone

Essentially, the Framework seeks to provide for the protection of personal data by CBPR members. This is done while facilitating regional information transfers to benefit individual consumers, businesses, and governments.

It is also necessary to remember that alongside its obligations under the Framework, Singapore is a member state of the ASEAN Human Rights Declaration, which provides at Art 21:

“Every person has the right to be free from arbitrary interference with his or her privacy, family, home or correspondence including personal data, or to attacks upon that person’s honour or reputation. Every person has the right to protection of the law against such interference or attacks.”

This right to privacy – also defined as the right to be left alone − was enshrined to protect people from interference by state authorities and private persons, except by sanction of law. Classically, two concepts of privacy are mental (or communicational) privacy and informational privacy.

The former is explained as the ability to be alone with one’s thoughts, wishes and feelings, to record these in written or electronic form, and to communicate the same to persons of one’s choosing, without being eavesdropped upon or suffering other sorts of psychological intrusion.

The latter is described as protection for personal information which is legitimately (according to law and with the owner’s consent and knowledge) held by public and private entities. This is on condition that disclosure of this information to third parties is prohibited.

Profiteering from Interference

With so much of modern life being driven by personal data, it is difficult to say that people are “free from arbitrary interference” as regards their privacy. Now the entities that appear to be interfering with these types of privacy are not so much state authorities, but businesses and their marketing efforts.

Enabled by algorithm-driven apps and the major social media platforms, they track every move and decision people make online (via their PCs and mobile devices) and predict behaviours. Location tracking is just one example of such interference. This industry had its roots in creating app customisation for smartphone users by providing advertising for nearby businesses.

A smartphone contains its user’s contacts, call logs, memos, text and instant messages, images, videos, and GPS data. As smartphone and other mobile device use is commonplace and tracking technology is becoming increasingly accurate, this industry has grown capabilities in data collection and analysis, based on surveilling people’s day-to-day activities.

The outcome of this is increasing intrusiveness. This is where high volumes of targeted unsolicited advertising are being received by people via their smartphones, or on social media.

It is not as though people are ignorant of the fact that apps are tracking their movements: location companies make no secret that when location services are enabled by smartphone users, their data is easily collected.

Smoke and Mirrors?

Notwithstanding this, the explanations provided by apps about use of data − when users are prompted about granting location access − are often imprecise, oversimplified, or misleading.

An app may inform users that providing access to their location will then allow them to receive some specific information. But it may not explicitly disclose that collected data will be shared with or sold to third parties: advertisers, retail businesses; even financial institutions and hedge funds that invest in technology start-ups.

That disclosure is often found in a broadly-phrased, often non-negotiable privacy policy that is not immediately accessible to users, or may require clumsy toggling between online interfaces for access.

Even if these businesses maintain that they are only keen on understanding patterns of behaviour that the data may reveal, and not user identities per se, there is something egregious about this:

They keep users in the dark about how their data is exploited, denying them the ability to give informed consent or otherwise to such exploitation, and then use this data to intrude upon them digitally with volumes of unsolicited advertising, in the name of “personalisation” of information.

Preventing the Digital Erosion of Privacy

So it is not just the spectre of data breaches that the APEC states should be concerned about as threats to their citizens’ privacy. It is also this seemingly cavalier attitude taken by businesses in what effectively amounts to wholesale dealing in personal data. Surely there has to be increased enforcement against such activity, or even the creation of more focused legislation as well.

With the progress of time and technology, it appears that privacy is being swiftly eroded. It is sobering to think that with digitisation, the notion of privacy (and its related right) may inadvertently cease to be a viable one.

It remains to be seen how Singapore and other APEC member reckon with the challenge of balancing their digital business ecosystem goals, with domestic laws and treaty obligations concerning privacy and data protection.

If cyber security protections for the personal data economy are not meaningfully enforced, consumer trust in engaging with online services, whether provided by the private or public sector, will suffer.

About the Author

Teo Yi-Ling is a Senior Fellow with the Cyber and Homeland Defence Programme of the Centre of Excellence for National Security (CENS) at the S. Rajaratnam School of International Studies (RSIS), Nanyang Technological University (NTU), Singapore.

Categories: Commentaries / Country and Region Studies / Cybersecurity, Biosecurity and Nuclear Safety / Singapore and Homeland Security

Last updated on 22/03/2019

Back to top

Terms of Use | Privacy Statement
Copyright © S. Rajaratnam School of International Studies. All rights reserved.
This site uses cookies to offer you a better browsing experience. By continuing, you are agreeing to the use of cookies on your device as described in our privacy policy. Learn more
OK
Latest Book
The Right of Privacy: Death By a Thousand Data Cuts?

SYNOPSIS

Singapore has the goal of creating a digital data-driven ecosystem that will enable its “Smart Nation” vision, which promises to positively transfo ...
more info