Category Archives: 2013

ISOC events in 2013

Regulatory Compliance – Scope and Implication for Project Managers

12 November 2013 | Regulatory Compliance – Scope and Implication for Project Managers


Time: 7.30pm to 9.30pm (Registration and Buffet Dinner starts from 6.30pm)
Venue: SMU Lee Kong Chian School of Business | 50 Stamford Road | Seminar Room 1.2 | Level 1

– Bryan Tan
(Partner, Pinsent Mason MPillay)
– Rosemary Lee (Counsel, Pinsent Masons MPillay)

Understanding the Personal Data Protection Act 2012

The PDPA came into effect in January 2013 and establishes a data protection regime to govern the way organisations in Singapore collect, use, disclose and process personal data.

The transition period under the PDPA is still ongoing to allow organisations time to review and adopt internal personal data protection policies and practices. The PDPA will be implemented in two phases with the first phase having already been implemented in the beginning of 2013. The first phase relates to the formation of the Personal Data Protection Commission. The second phase of implementation deals with two areas, being the establishment of the “Do Not Call” registry (a registry which will allow individuals to register their telephone numbers to opt out of receiving marketing calls or SMSes) and the DNC Registry provisions coming into effect on 2 January 2014 and the main data protection rules coming into effect on 2 July 2014.

In addition, the Monetary Authority of Singapore (MAS) issued the Technology Risk Management Guidelines (TRM Guidelines) and Technology Risk Management Notices (TRM Notice) on 21 June 2013. In particular, the TRM Notice sets out the legal requirements relating to technology risk management for financial institutions, including requirements for a high level of reliability, availability and recoverability of critical IT systems. As the TRM Notice will take effect from 1 July 2014, financial institutions will have less than 12 months to work towards being compliance ready with the TRM Notices requirements.

At this session, we will be looking at key areas covered by the TRM Guidelines which Project Managers need to be aware of, such as:

– TRM framework to manage technology risks
– Management of IT outsourcing risks
– Systems reliability, availability and recoverability
– Operational infrastructure security management
– Enhanced data centre protection and controls

We will also be covering the main obligations under the TRM Notice which Project Managers need to be aware of when working toward compliance:

– Identification of “critical system”
– Maintenance of “high availability” and Recovery time objective (“RTO”)
– Notification of “relevant incident”
– Submission of root cause and impact analysis report
– Protection of customer information


IIC Singapore Forum: Post-IGF Bali Breakfast Briefing

Date: Monday Oct 28th, 8.30am-10am
Venue: Olswang Asia – Ocean Financial Centre,
10 Collyer Quay, #05-01, Singapore



IIC Singapore, in cooperation with TRPC, Microsoft and Olswang, is organizing a high-level breakfast debrief to follow this year’s IGF in Bali. Representatives from ICANN, Microsoft, AIC, TRPC and academia (NTU) will present a review and their perspectives on the developments taking place in Internet governance and its impact upon the Asia Pacific region.

On behalf of IIC Singapore, TRPC invites you to participate in the conversation on Oct 28, 2013, 8.30am-10am. This session is by invitation only and will follow Chatham House rules. As seating will be limited for this session please RSVP at your earliest convenience.


Sally Costerton, Senior Advisor to the President – Global Stakeholder Engagement, Internet Corporation for Assigned Names and Numbers (ICANN)

Paul Mitchell, General Manager – Technology Policy Group, Microsoft

Ankhi Das, Public Policy Director, India – Facebook, and member of IGF 2013 Multi-Stakeholder Advisory Group (MAG)

Lim May-Ann, Research Director, TRPC – Internet Society (ISOC) Ambassador to IGF 2013

Ang Peng Hwa, Director of the Singapore Internet Research Centre at the Wee Kim Wee School of Communication and Information, Nanyang Technological University, and Vice-President, Internet Society (ISOC) Singapore

About IGF Bali

The Internet Governance Forum (IGF) is a multi-stakeholder dialogue on the issues and policies of Internet governance. The forums bring together stakeholders in the Internet governance debate, including government representatives, the private sector, civil society organizations, and the technical and academic communities, on an equal basis and through an open and inclusive process. The establishment of the IGF was formally announced by the United Nations Secretary-General in July 2006. The IGF was first convened in October–November 2006 and has been held annually since then.

The eighth annual Meeting of the IGF will be hosted by the Government of Indonesia in Bali from 22 to 25 October 2013. The overall theme of the IGF 2013 is “Building Bridges – Enhancing Multi-Stakeholder Cooperation for Growth and Sustainable Development.” The sub-themes for the eighth IGF are as follows:

• Access and Diversity – Internet as an engine for growth and sustainable development
• Openness – Human rights, freedom of expression and free flow of information on the Internet
• Security – Legal and other frameworks: spam, hacking and cyber-crime
• Enhanced cooperation
• Principles of multi-stakeholder cooperation
• Internet governance principles

2nd ISOC Singapore Chapter Annual Business Meeting

All ISOC Members are cordially invited to attend the 2nd ISOC Singapore Chapter Annual Business Meeting.

Date: Friday, 23 August 2013
Time: 6.30PM to 8.30PM
(Registration begins at 6.15PM)
Venue: Blue Bali House
41D Cluny Road, Singapore 259600
Tel: 6733 0185

To register, please click here to complete the form, and no later than
Thurs, 15 August 2013.

If you have further queries regarding registration and administrative details, please feel free to contact Ms Yvonne Lim.

How MDA’s new Licensing Regime will affect YOU

Event Report:

How MDA’s new Licensing Regime will affect YOU

Date: July 4, 2013
Venue: Singapore Computer Society Resource Centre, 53 Neil Road, Singapore 088829 (ground floor meeting room)

Click here for Benjamin Ang’s (Lecturer BUS/LAW) live blog report from the event.

Today Online‘s report from the forum: “MDA working with licensed news sites to make new rules ‘clearer’”

The Straits Times on Mr Aubeck Kam’s remarks: “No major changes likely for online licensing rules

The Online Citizen‘s report and comments.
The panel of speakers at the event

• Mr Aubeck Kam, Permanent Secretary for the Ministry of Communications and Information
• Mr Bryan Tan, Partner at Pinsent Masons
• Mr Kuek Yu-Chuang, Internet policy expert

“Let me start by putting this in some historical context,” said Harish Pillay of the Singapore Computer Society in his opening remarks. As one of the editors of the pioneering Singaporean site Sintercom (, he spoke about the 1996 Internet Regulations Workshop that first bought up issues of class licensing, content filtering and registration of sites.

Established in 1994, Sintercom was one site that “died along the way” because of new regulations. A note was sent to the editors in 2001 requiring them to register the site. “I felt that the registration process was a bit onerous,” Pillay said. “Requiring details like my salary and so on…it didn’t make sense to me.” The site shut down soon after.

The first speaker, lawyer Bryan Tan, pointed out that the new regulations werebest understood as an extension of existing class licenses, the Internet Code of Practice (1996) and the Electronic Transactions Act (2010). The additions to the 2013 rules from the MDA, requiring news websites that meet a certain criteria of coverage and readership to apply for a license, included:

1. A requirement to comply with MDA requests for takedown within 24 hours, and
2. A performance bond of 50,000$ (consistent with niche TV broadcasters).

The keyword here was consistency, bringing online news sites in line with traditional media outlets.
Mr Tan then raised a number of issues in need of further discussion: Is it beneficial, he asked, to have open ended drafting, as it allows regulators to deal with new situations and threats quickly? “A lot of the messaging about the new rules from the MDA seemed to be that it’s a big change,” he said. “But it hit the headlines and resurfaced constantly.”

He pointed out that the clarification to the MDA rules was posted on Facebook –what weight does a Facebook note carry legally? Is it equivalent to a statute, a rule, or even a debate in parliament?

The next speaker, Mr Kuek Yu-Chuang, took on the question of whether similar systems existed elsewhere in the world. “This issue is not uniquely Singaporean,” he said.

Pointing to Australia, he noted a recent issue of objectionable humour against the Aboriginal community – “It was offensive, and unacceptable…and at the same time, there was difficulty in taking down the content,” He said.

The internet’s lack of boundaries meant a strong need for what Mr Kuek called “calibration” in terms how Singapore responds vis-a-vis other jurisdictions grappling with the same issue. “Otherwise, we run the risk of Balkanizing or fragmenting the Internet,” he said.

He added that people respond differently to different media, so the idea of parity between print, online and broadcast has to investigate these differences. He concluded by asking: “If we think that a lot of content out there is inaccurate, and carries the risk of social disorder – one of the policy questions needs to be: ‘if this is the reality of the Internet – how can we get Singaporeans ready, mature and savvy to handle this?’”

Aubeck Kam, the Permanent Secretary of the MCI, was the last speaker. The new MDA rules were necessary, he said, as readers make important decisions based on information they receive. Online sites, as news providers, carried the same special responsibility that traditional news outlets have.

He outlined some of the challenges with self-regulation of the media (such as the News of the World scandal in the UK), and argued that the view that all regulation was unnecessary was “simplistic.”

“We are not the first country to regulate the media, and we will not be last,” he said.

Mr Kam pointed out that the trend of media convergence required a more consistent regulation framework, as different mediums and forms overlapped constantly.

He clarified that MDA has not banned any news sites, and has never ordered removal of content that is critical of the government. “What has changed is that the 10 sites under the licensing rules have moved from a class license to an individual license,” he said, and paid a performance bond. The bond, he added, does not need to be paid in full, and a banker’s guarantee is often enough.

In a vociferous question-and-answer session, Kam noted that one of the areas being “relooked” at was the liability of the licensed news websites for third-party content, a point raised in a letter to the MDA from the Asia Internet Coalition (AIC).


Personal Data Protection Act Workshop

Home | Registration | Programme | Speakers | Report


How to keep your business safe under the Personal Data Protection Act


Reaching out to a business’ customers isn’t just a question of marketing savvy and clever ad copy – it’s also a legal issue.


Singapore’s new Personal Data Protection Act (PDPA) requires business needs to check for compliance when collecting, using or disclosing the personal data of customers. The risks of non-compliance are stark – ranging from customer complaints and civil liability to fines of up to S$1 million.


On May 3, the Internet Society (ISOC) Singapore Chapter organized a workshop on the Personal Data Protection Act, and how businesses could stay safe.


Mr David Alfred, the chief counsel of the newly instituted Personal Data Protection Commission (PDPC), delivered a keynote address outlining the history, scope and reach of the act. He disaggregated the definition of terms like ‘personal data’ (which, for instance, includes your handphone number but not your business’ address) and delineated the scope of upcoming schemes such as the ‘Do Not Call’ regime (marketing campaigns and ads are covered, but not market research or surveys). The PDPA, he said, would enhance Singapore’s reputation as a data processing hub, and bring it on par with international standards.


Benjamin Ang, a lecturer on Intellectual Property Law with Temasek Polytechnic, outlined a set of recommendations for businesses and individuals to transition towards compliance with the new act. Businesses must be transparent with their handling of data, he urged, and set up a complaints response process.


By the end of the workshop, the myriad legal issues lurking behind the constant barrage of sales promotions, loyalty cards and tele-marketing calls were clearer. More than 50 participants, from entrepreneurs and university students to professionals from various industries and backgrounds, asked pointed questions and discussed legal concepts and real-world applications.








DSC_0264 DSC_0285 (1) DSC_0291 (1) DSC_0285


IPv6 Launch Anniversary

Date: Thursday, 13 June 2013

Time: 5pm to 8pm

Venue: Club Lava @ Chijmes

“The future is IPv6,” said Vice-chairman Sanjeev Gupta of the Singapore IPv6 forum, “and as migrants to that future , we might as well get ahead of the curve and integrate. “

Mr Gupta was speaking at an IPv6 Launch Anniversary event at Chijmes on 13 June 2013, organised by Progreso Training and the IPv6 Forum with support from the Singapore Internet Research Center (SiRC) and ISOC Singapore.

Sanjeev Gupta speaking at the IPv6 Launch Anniversary event.

Sanjeev Gupta speaking at the IPv6 Launch Anniversary event


Around 70 people turned out for the event, a mix of Network Engineers, IT Managers, C-Levels and other ICT professionals. The discussions, over snacks and beverages in a casual, laid-back atmosphere, focused on the latest IPv6 adoption numbers, and challenges still ahead.

While the future may look promising, Mr Gupta underscored the fact this year, 2013, was “not the year of IPv6”. Traffic via IPv6 networks remains miniscule as a percentage of total traffic, and attendees hypothesized that no large public network would become V6-only anytime soon.

Yet marginal gains are being made. While Singapore is slow to adopt (Mr Gupta attributes it to lower growth rates due to its status as a mature ICT economy: “Your business will not collapse if you don’t shift to v6”), growth in other ASEN countries such as Indonesia and the Philippines is, in his words, “exploding.”

That in turn, discussants said, would spur government mandates and industry regulators in Singapore to push and adopt IPv6.

Attendees then discussed issues of planning, technology choice, evaluation and deployment – focusing on the nitty-gritties of what this would mean for Network Components/Infrastructure, Client Devices, and Services Readiness.

“Growth in IPv6 is at the edges,” Mr Gupta said. “And we have the edges!”

Event attendees at Club Lava in Chijmes

Event attendees at Club Lava in Chijmes