How are the scope of Singapore's Personal Data Protection Act and the scope of India's IT Rules similar?
How are the scope of Singapore's Personal Data Protection Act and the scope of India's IT Rules similar?
Both Singapore's Personal Data Protection Act (PDPA) and India's Information Technology (IT) Rules primarily apply to the private sector. The PDPA is designed to protect personal data handled by private organizations, and it explicitly excludes public agencies and individuals acting in a personal or domestic capacity. Similarly, India's IT Rules impose requirements on private sector entities handling personal data, focusing on businesses and organizations rather than individuals or government bodies. Hence, the correct answer is that they only apply to the private sector.
Scope of the PDPA The PDPA covers personal data stored in electronic and non-electronic formats. It generally does not apply to: Any individual acting on a personal or domestic basis. Any individual acting in his/her capacity as an employee with an organisation. Any public agency in relation to the collection, use or disclosure of personal data. Business contact information such as an individual’s name, position or title, business telephone number, business address, business email, business fax number and similar information. Who does Singapore PDPA apply to? The PDPA's main data protection obligations apply to all private sector organizations in Singapore, regardless of size, if they collect, use, or disclose the personal data of Singaporeans. It doesn't impose obligations on: Individuals in personal or domestic capacities. The Information Technology Amendment Act is applicable to any person, company or organization that uses computer systems, computer networks or other information technology in India.
A. They only apply to the private sector.