• Home
  • About RSIS
    • Introduction
    • Building the Foundations
    • Welcome Message
    • Board of Governors
    • Staff Profiles
      • Executive Deputy Chairman’s Office
      • Dean’s Office
      • Management
      • Distinguished Fellows
      • Faculty and Research
      • Associate Research Fellows, Senior Analysts and Research Analysts
      • Visiting Fellows
      • Adjunct Fellows
      • Administrative Staff
    • Honours and Awards for RSIS Staff and Students
    • RSIS Endowment Fund
    • Endowed Professorships
    • Career Opportunities
    • Getting to RSIS
  • Research
    • Research Centres
      • Centre for Multilateralism Studies (CMS)
      • Centre for Non-Traditional Security Studies (NTS Centre)
      • Centre of Excellence for National Security (CENS)
      • Institute of Defence and Strategic Studies (IDSS)
      • International Centre for Political Violence and Terrorism Research (ICPVTR)
    • Research Programmes
      • National Security Studies Programme (NSSP)
      • Studies in Inter-Religious Relations in Plural Societies (SRP) Programme
    • Future Issues and Technology Cluster
    • [email protected] Newsletter
    • Other Research
      • Science and Technology Studies Programme (STSP) (2017-2020)
  • Graduate Education
    • Graduate Programmes Office
    • Overview
    • MSc (Asian Studies)
    • MSc (International Political Economy)
    • MSc (International Relations)
    • MSc (Strategic Studies)
    • NTU-Warwick Double Masters Programme
    • PhD Programme
    • Exchange Partners and Programmes
    • How to Apply
    • Financial Assistance
    • Meet the Admissions Team: Information Sessions and other events
    • RSIS Alumni
  • Alumni & Networks
    • Alumni
    • Asia-Pacific Programme for Senior Military Officers (APPSMO)
    • Asia-Pacific Programme for Senior National Security Officers (APPSNO)
    • International Strategy Forum-Asia (ISF-Asia)
    • SRP Executive Programme
    • Terrorism Analyst Training Course (TATC)
  • Publications
    • RSIS Publications
      • Annual Reviews
      • Books
      • Bulletins and Newsletters
      • Commentaries
      • Counter Terrorist Trends and Analyses
      • Commemorative / Event Reports
      • IDSS Paper
      • Interreligious Relations
      • Monographs
      • NTS Insight
      • Policy Reports
      • Working Papers
      • RSIS Publications for the Year
    • Glossary of Abbreviations
    • External Publications
      • Authored Books
      • Journal Articles
      • Edited Books
      • Chapters in Edited Books
      • Policy Reports
      • Working Papers
      • Op-Eds
      • External Publications for the Year
    • Policy-relevant Articles Given RSIS Award
  • Media
    • Great Powers
    • Sustainable Security
    • Other Resource Pages
    • Media Highlights
    • News Releases
    • Speeches
    • Vidcast Channel
    • Audio/Video Forums
  • Events
  • Giving
  • Contact Us
Facebook
Twitter
YouTube
RSISVideoCast RSISVideoCast rsis.sg
Linkedin
instagram instagram rsis.sg
RSS
  • Home
  • About RSIS
      • Introduction
      • Building the Foundations
      • Welcome Message
      • Board of Governors
      • Staff Profiles
        • Executive Deputy Chairman’s Office
        • Dean’s Office
        • Management
        • Distinguished Fellows
        • Faculty and Research
        • Associate Research Fellows, Senior Analysts and Research Analysts
        • Visiting Fellows
        • Adjunct Fellows
        • Administrative Staff
      • Honours and Awards for RSIS Staff and Students
      • RSIS Endowment Fund
      • Endowed Professorships
      • Career Opportunities
      • Getting to RSIS
  • Research
      • Research Centres
        • Centre for Multilateralism Studies (CMS)
        • Centre for Non-Traditional Security Studies (NTS Centre)
        • Centre of Excellence for National Security (CENS)
        • Institute of Defence and Strategic Studies (IDSS)
        • International Centre for Political Violence and Terrorism Research (ICPVTR)
      • Research Programmes
        • National Security Studies Programme (NSSP)
        • Studies in Inter-Religious Relations in Plural Societies (SRP) Programme
      • Future Issues and Technology Cluster
      • [email protected] Newsletter
      • Other Research
        • Science and Technology Studies Programme (STSP) (2017-2020)
  • Graduate Education
      • Graduate Programmes Office
      • Overview
      • MSc (Asian Studies)
      • MSc (International Political Economy)
      • MSc (International Relations)
      • MSc (Strategic Studies)
      • NTU-Warwick Double Masters Programme
      • PhD Programme
      • Exchange Partners and Programmes
      • How to Apply
      • Financial Assistance
      • Meet the Admissions Team: Information Sessions and other events
      • RSIS Alumni
  • Alumni & Networks
      • Alumni
      • Asia-Pacific Programme for Senior Military Officers (APPSMO)
      • Asia-Pacific Programme for Senior National Security Officers (APPSNO)
      • International Strategy Forum-Asia (ISF-Asia)
      • SRP Executive Programme
      • Terrorism Analyst Training Course (TATC)
  • Publications
      • RSIS Publications
        • Annual Reviews
        • Books
        • Bulletins and Newsletters
        • Commentaries
        • Counter Terrorist Trends and Analyses
        • Commemorative / Event Reports
        • IDSS Paper
        • Interreligious Relations
        • Monographs
        • NTS Insight
        • Policy Reports
        • Working Papers
        • RSIS Publications for the Year
      • Glossary of Abbreviations
      • External Publications
        • Authored Books
        • Journal Articles
        • Edited Books
        • Chapters in Edited Books
        • Policy Reports
        • Working Papers
        • Op-Eds
        • External Publications for the Year
      • Policy-relevant Articles Given RSIS Award
  • Media
      • Great Powers
      • Sustainable Security
      • Other Resource Pages
      • Media Highlights
      • News Releases
      • Speeches
      • Vidcast Channel
      • Audio/Video Forums
  • Events
  • Giving
  • Contact Us
  • instagram instagram rsis.sg
Connect

Getting to RSIS

Map

Address

Nanyang Technological University
Block S4, Level B3,
50 Nanyang Avenue,
Singapore 639798

View location on Google maps Click here for directions to RSIS

Get in Touch

    Connect with Us

      rsis.ntu
      rsis_ntu
      rsisntu
    RSISVideoCast RSISVideoCast rsisvideocast
      school/rsis-ntu
    instagram instagram rsis.sg
      RSS
    Subscribe to RSIS Publications
    Subscribe to RSIS Events

    RSIS Intranet

    S. Rajaratnam School of International Studies Think Tank and Graduate School Ponder The Improbable Since 1966
    Nanyang Technological University Nanyang Technological University

    Skip to content

     
    • RSIS
    • Publication
    • RSIS Publications
    • The Right of Privacy: Death By a Thousand Data Cuts?
    • Annual Reviews
    • Books
    • Bulletins and Newsletters
    • Commentaries
    • Counter Terrorist Trends and Analyses
    • Commemorative / Event Reports
    • IDSS Paper
    • Interreligious Relations
    • Monographs
    • NTS Insight
    • Policy Reports
    • Working Papers
    • RSIS Publications for the Year

    CO19052 | The Right of Privacy: Death By a Thousand Data Cuts?
    Teo Yi-Ling

    22 March 2019

    download pdf
    RSIS Commentary is a platform to provide timely and, where appropriate, policy-relevant commentary and analysis of topical and contemporary issues. The authors’ views are their own and do not represent the official position of the S. Rajaratnam School of International Studies (RSIS), NTU. These commentaries may be reproduced with prior permission from RSIS and due credit to the author(s) and RSIS. Please email to Editor RSIS Commentary at [email protected].

    SYNOPSIS

    Singapore has the goal of creating a digital data-driven ecosystem that will enable its “Smart Nation” vision, which promises to positively transform the way its citizens and residents live and do business. What does this mean in terms of citizens’ privacy rights?

    COMMENTARY

    SINGAPORE’S APPROACH to data privacy protection is not the human rights-centric approach favoured by the European Union. It is also not the threat-based technology response that has driven reform in the United States. It is largely motivated by the forces of globalisation. And the necessity of adopting standards that will instil trust in its state entities, and allow for seamless integration into global networks.

    In line with its Smart Nation vision, Singapore is being positioned as a trusted international data and analytics hub. It is where data flows in and out of the country will be enabled. Singapore’s participation in the Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules (CBPR) and the APEC Privacy Recognition for Processors (PRP) was approved in February 2018. The APEC CBPR System requires participating businesses to implement data privacy policies consistent with the APEC Privacy Framework (Framework).

    The Right to be Left Alone

    Essentially, the Framework seeks to provide for the protection of personal data by CBPR members. This is done while facilitating regional information transfers to benefit individual consumers, businesses, and governments.

    It is also necessary to remember that alongside its obligations under the Framework, Singapore is a member state of the ASEAN Human Rights Declaration, which provides at Art 21:

    “Every person has the right to be free from arbitrary interference with his or her privacy, family, home or correspondence including personal data, or to attacks upon that person’s honour or reputation. Every person has the right to protection of the law against such interference or attacks.”

    This right to privacy – also defined as the right to be left alone − was enshrined to protect people from interference by state authorities and private persons, except by sanction of law. Classically, two concepts of privacy are mental (or communicational) privacy and informational privacy.

    The former is explained as the ability to be alone with one’s thoughts, wishes and feelings, to record these in written or electronic form, and to communicate the same to persons of one’s choosing, without being eavesdropped upon or suffering other sorts of psychological intrusion.

    The latter is described as protection for personal information which is legitimately (according to law and with the owner’s consent and knowledge) held by public and private entities. This is on condition that disclosure of this information to third parties is prohibited.

    Profiteering from Interference

    With so much of modern life being driven by personal data, it is difficult to say that people are “free from arbitrary interference” as regards their privacy. Now the entities that appear to be interfering with these types of privacy are not so much state authorities, but businesses and their marketing efforts.

    Enabled by algorithm-driven apps and the major social media platforms, they track every move and decision people make online (via their PCs and mobile devices) and predict behaviours. Location tracking is just one example of such interference. This industry had its roots in creating app customisation for smartphone users by providing advertising for nearby businesses.

    A smartphone contains its user’s contacts, call logs, memos, text and instant messages, images, videos, and GPS data. As smartphone and other mobile device use is commonplace and tracking technology is becoming increasingly accurate, this industry has grown capabilities in data collection and analysis, based on surveilling people’s day-to-day activities.

    The outcome of this is increasing intrusiveness. This is where high volumes of targeted unsolicited advertising are being received by people via their smartphones, or on social media.

    It is not as though people are ignorant of the fact that apps are tracking their movements: location companies make no secret that when location services are enabled by smartphone users, their data is easily collected.

    Smoke and Mirrors?

    Notwithstanding this, the explanations provided by apps about use of data − when users are prompted about granting location access − are often imprecise, oversimplified, or misleading.

    An app may inform users that providing access to their location will then allow them to receive some specific information. But it may not explicitly disclose that collected data will be shared with or sold to third parties: advertisers, retail businesses; even financial institutions and hedge funds that invest in technology start-ups.

    That disclosure is often found in a broadly-phrased, often non-negotiable privacy policy that is not immediately accessible to users, or may require clumsy toggling between online interfaces for access.

    Even if these businesses maintain that they are only keen on understanding patterns of behaviour that the data may reveal, and not user identities per se, there is something egregious about this:

    They keep users in the dark about how their data is exploited, denying them the ability to give informed consent or otherwise to such exploitation, and then use this data to intrude upon them digitally with volumes of unsolicited advertising, in the name of “personalisation” of information.

    Preventing the Digital Erosion of Privacy

    So it is not just the spectre of data breaches that the APEC states should be concerned about as threats to their citizens’ privacy. It is also this seemingly cavalier attitude taken by businesses in what effectively amounts to wholesale dealing in personal data. Surely there has to be increased enforcement against such activity, or even the creation of more focused legislation as well.

    With the progress of time and technology, it appears that privacy is being swiftly eroded. It is sobering to think that with digitisation, the notion of privacy (and its related right) may inadvertently cease to be a viable one.

    It remains to be seen how Singapore and other APEC member reckon with the challenge of balancing their digital business ecosystem goals, with domestic laws and treaty obligations concerning privacy and data protection.

    If cyber security protections for the personal data economy are not meaningfully enforced, consumer trust in engaging with online services, whether provided by the private or public sector, will suffer.

    About the Author

    Teo Yi-Ling is a Senior Fellow with the Cyber and Homeland Defence Programme of the Centre of Excellence for National Security (CENS) at the S. Rajaratnam School of International Studies (RSIS), Nanyang Technological University (NTU), Singapore.

    Categories: Commentaries / Country and Region Studies / Cybersecurity, Biosecurity and Nuclear Safety / Singapore and Homeland Security / East Asia and Asia Pacific / Global / South Asia / Southeast Asia and ASEAN

    Last updated on 22/03/2019

    comments powered by Disqus
    RSIS Commentary is a platform to provide timely and, where appropriate, policy-relevant commentary and analysis of topical and contemporary issues. The authors’ views are their own and do not represent the official position of the S. Rajaratnam School of International Studies (RSIS), NTU. These commentaries may be reproduced with prior permission from RSIS and due credit to the author(s) and RSIS. Please email to Editor RSIS Commentary at [email protected].

    SYNOPSIS

    Singapore has the goal of creating a digital data-driven ecosystem that will enable its “Smart Nation” vision, which promises to positively transform the way its citizens and residents live and do business. What does this mean in terms of citizens’ privacy rights?

    COMMENTARY

    SINGAPORE’S APPROACH to data privacy protection is not the human rights-centric approach favoured by the European Union. It is also not the threat-based technology response that has driven reform in the United States. It is largely motivated by the forces of globalisation. And the necessity of adopting standards that will instil trust in its state entities, and allow for seamless integration into global networks.

    In line with its Smart Nation vision, Singapore is being positioned as a trusted international data and analytics hub. It is where data flows in and out of the country will be enabled. Singapore’s participation in the Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules (CBPR) and the APEC Privacy Recognition for Processors (PRP) was approved in February 2018. The APEC CBPR System requires participating businesses to implement data privacy policies consistent with the APEC Privacy Framework (Framework).

    The Right to be Left Alone

    Essentially, the Framework seeks to provide for the protection of personal data by CBPR members. This is done while facilitating regional information transfers to benefit individual consumers, businesses, and governments.

    It is also necessary to remember that alongside its obligations under the Framework, Singapore is a member state of the ASEAN Human Rights Declaration, which provides at Art 21:

    “Every person has the right to be free from arbitrary interference with his or her privacy, family, home or correspondence including personal data, or to attacks upon that person’s honour or reputation. Every person has the right to protection of the law against such interference or attacks.”

    This right to privacy – also defined as the right to be left alone − was enshrined to protect people from interference by state authorities and private persons, except by sanction of law. Classically, two concepts of privacy are mental (or communicational) privacy and informational privacy.

    The former is explained as the ability to be alone with one’s thoughts, wishes and feelings, to record these in written or electronic form, and to communicate the same to persons of one’s choosing, without being eavesdropped upon or suffering other sorts of psychological intrusion.

    The latter is described as protection for personal information which is legitimately (according to law and with the owner’s consent and knowledge) held by public and private entities. This is on condition that disclosure of this information to third parties is prohibited.

    Profiteering from Interference

    With so much of modern life being driven by personal data, it is difficult to say that people are “free from arbitrary interference” as regards their privacy. Now the entities that appear to be interfering with these types of privacy are not so much state authorities, but businesses and their marketing efforts.

    Enabled by algorithm-driven apps and the major social media platforms, they track every move and decision people make online (via their PCs and mobile devices) and predict behaviours. Location tracking is just one example of such interference. This industry had its roots in creating app customisation for smartphone users by providing advertising for nearby businesses.

    A smartphone contains its user’s contacts, call logs, memos, text and instant messages, images, videos, and GPS data. As smartphone and other mobile device use is commonplace and tracking technology is becoming increasingly accurate, this industry has grown capabilities in data collection and analysis, based on surveilling people’s day-to-day activities.

    The outcome of this is increasing intrusiveness. This is where high volumes of targeted unsolicited advertising are being received by people via their smartphones, or on social media.

    It is not as though people are ignorant of the fact that apps are tracking their movements: location companies make no secret that when location services are enabled by smartphone users, their data is easily collected.

    Smoke and Mirrors?

    Notwithstanding this, the explanations provided by apps about use of data − when users are prompted about granting location access − are often imprecise, oversimplified, or misleading.

    An app may inform users that providing access to their location will then allow them to receive some specific information. But it may not explicitly disclose that collected data will be shared with or sold to third parties: advertisers, retail businesses; even financial institutions and hedge funds that invest in technology start-ups.

    That disclosure is often found in a broadly-phrased, often non-negotiable privacy policy that is not immediately accessible to users, or may require clumsy toggling between online interfaces for access.

    Even if these businesses maintain that they are only keen on understanding patterns of behaviour that the data may reveal, and not user identities per se, there is something egregious about this:

    They keep users in the dark about how their data is exploited, denying them the ability to give informed consent or otherwise to such exploitation, and then use this data to intrude upon them digitally with volumes of unsolicited advertising, in the name of “personalisation” of information.

    Preventing the Digital Erosion of Privacy

    So it is not just the spectre of data breaches that the APEC states should be concerned about as threats to their citizens’ privacy. It is also this seemingly cavalier attitude taken by businesses in what effectively amounts to wholesale dealing in personal data. Surely there has to be increased enforcement against such activity, or even the creation of more focused legislation as well.

    With the progress of time and technology, it appears that privacy is being swiftly eroded. It is sobering to think that with digitisation, the notion of privacy (and its related right) may inadvertently cease to be a viable one.

    It remains to be seen how Singapore and other APEC member reckon with the challenge of balancing their digital business ecosystem goals, with domestic laws and treaty obligations concerning privacy and data protection.

    If cyber security protections for the personal data economy are not meaningfully enforced, consumer trust in engaging with online services, whether provided by the private or public sector, will suffer.

    About the Author

    Teo Yi-Ling is a Senior Fellow with the Cyber and Homeland Defence Programme of the Centre of Excellence for National Security (CENS) at the S. Rajaratnam School of International Studies (RSIS), Nanyang Technological University (NTU), Singapore.

    Categories: Commentaries / Country and Region Studies / Cybersecurity, Biosecurity and Nuclear Safety / Singapore and Homeland Security

    Last updated on 22/03/2019

    Back to top

    Terms of Use | Privacy Statement
    Copyright © S. Rajaratnam School of International Studies. All rights reserved.
    This site uses cookies to offer you a better browsing experience. By continuing, you are agreeing to the use of cookies on your device as described in our privacy policy. Learn more
    OK
    Latest Book
    The Right of Privacy: Death By a Thousand Data Cuts?

    SYNOPSIS

    Singapore has the goal of creating a digital data-driven ecosystem that will enable its “Smart Nation” vision, which promises to positively transfo ...
    more info