Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


III. Privacy issues

Legislative and policy responses to terrorism

The Internal Security Act (ISA) is legislation aimed at countering the perceived threats to national security, including international terrorism.1 ISA has provisions for arrest and detention without warrant or judicial review if police authorities determine that national security, public safety and order, or the public interest is at risk. It has been used to deal with security threats, and, recently, the government employed it against suspected terrorists. The opposition called for its abolition many times, which the government rejected every time.2 The minister of Home Affairs, at the direction of the president, has broad discretion under ISA to order detention without filing charges, if the president determines that a person poses a threat to national security. At the end of 2006, 26 detainees were being held as suspected terrorists.

In response to the terrorist attacks in the United States on September 11, 2001, Singapore strengthened its anti-terrorist efforts by passing laws that codified United Nations resolutions to punish criminally the funding of terrorist activities and the making of false terrorist threats.3 In this respect, Parliament passed the Terrorism (Suppression of Financing) Act in July 2002, which punishes those found sheltering or dealing with the property of terrorists, and withholding financial information of terrorist acts.4

In June 2002, Singapore proposed that Asian and European law enforcement agencies organize a system to share intelligence information to combat terrorism and organized crime.5 In November 2003, the Computer Misuse Act was amended to allow authorities to launch pre-emptive actions against suspected hackers based on "credible information" linking the suspect to planned attacks on sensitive information networks.6 Reporters Without Borders warned against potential abuses, because the amendment allows continuous surveillance of suspects through real-time monitoring software.7

In late 2003, Singapore's Home Affairs Minister urged countries to develop biometric-enabled passports in order to "prevent terrorist from moving freely."8 During his five-nation tour of Asia in 2004, US Secretary for Homeland Security Tom Ridge met with Singapore defense officials to "explore opportunities for closer cooperation as part of the international exchange and sharing of information and knowledge."9

In 2006, Singapore introduced the BioPass, a biometric e-passport embedded with a chip featuring fingerprint and facial identifiers.10 The BioPass also has enhanced security features, like multiple laser images that are tamper-resistant.11

Other developments

In March 2003, the Ministry of Finance and the Central Provident Fund Board created "SingPass," the "online equivalent of the Identity Card."12 SingPass is a single, user-created password Singaporeans must use to access electronic government services.13 Individuals over the age of 15 may apply for SingPass, and it will be automatically issued to individuals who register for a national identity card.14 Singaporeans can access electronic government services through the "eCitizen portal."15

In early 2001, the Ministry of Health launched, an Internet-accessible medical database.16 holds all patients' records from all hospitals and clinics in Singapore and is available to government and private doctors in Singapore and abroad. Because records are accessible only with a patient's username and password, physicians must obtain a patient's permission before obtaining medical information.

An extensive Electronic Road Pricing (ERP) system for monitoring road usage went into effect in 1998. The system collects information on an automobile's travel from smart cards ("CashCards") plugged into transmitters in every car (in-vehicle units, or IUs) and in video surveillance cameras.17 ERP collects tolls. Video surveillance cameras monitor drivers attempting to circumvent the system. About 1,500 summonses were issued in a six-month period in 2003-2004 for such violations.18 The service claims that the data will only be kept for 24 hours and does not maintain a central accounting system. In 2005, a new generation of smarter ERP IUs was evaluated. The new system functions without insertion of cash cards, any time a vehicle passes under a gantry or enters into an ERP-equipped carpark.19 A similar program, the Electronic Parking System, is now being adopted in parking garages throughout Singapore as well.20

In April 2003, Singapore added SARS to the Quarantine Act, a law that had previously been dormant for 27 years.21 Measures taken to combat SARS included contact tracing and the thermal-imaging detection of body temperatures in public places.22 To prevent violation of quarantine orders, the government ordered a 10-day quarantine of individuals suspected of having SARS. Security officials installed cameras into the home of individuals who had received quarantine orders and required them to appear before the camera at specific intervals.23 Also, officials would call the suspected individual's home as an additional check to enforce the quarantine, and his telephone company would be ordered to block any attempt to forward home phone calls to mobile phones to make sure that the individual does not leave the home.24 The government also planned to use electronic wristbands if suspected individuals did not answer phone calls.25 One man in Singapore was sentenced to six months in prison for "repeatedly flouting home quarantine orders."26

Radio frequency identification (RFID) tags first appeared in Singapore in 1988, when the Electronic Library Management System deployed a book management and checkout system featuring 120,000 RFID tags.27 Later, in 2000, the National University of Singapore Library unveiled a multi-library system utilizing more than two million RFID tags, making it the largest library RFID project in the world.28 In 2004, IDA announced a three-year USD 10 million plan to spur greater RFID use,29 which was later matched by the industry to invest in RFID trial projects and infrastructure development.30 IDA committed itself to developing international RFID standards, aligning the frequency spectrum, and initiated talks with United States RFID development leaders, including Auto-ID Labs at the Massachusetts Institute of Technology.31 In 2005, RFID increasingly attracted the attention of the major technology players of the region that consider RFID as a huge revenue generator in years to come in several areas, such as airports, seaports and retail logistics applications. However, major concerns remain such as cost, lack of common standards and privacy.32

IDA launched a trial program in February 2004 to stimulate the development of ultra-wideband technology. This will be used in products that "can see through walls and track vehicles or objects."33

The Economic Review Committee of Singapore has identified nanotechnology as a key area for competitive advantage and development.34 The police force is currently testing a new fingerprint dusting technique which uses "nanoparticles to lift trace chemicals" from fingerprints.35 This technology allows for identification of suspects who have recently used illegal substances, or handed explosives. In the future, the technology should allow for identification of ethnicity, diet, and gender as well.36

Late in 2004, the government launched a giant e-government project. The project introduced a portal ( that draws together around 1,600 different services through various ministry Web sites. It offers everything from sports ground bookings to collecting payments for traffic fines, credit card bills and TV licenses.37 In 2004, the government also introduced the national electronic payment hub plan.38 The hub enables people to pay their government bills, town council fees, or even mobile phone subscriptions by going to a single Web site.39 The government has said that its data privacy protection code - which controls how the government processes, uses and shares information - would apply to any public-private sector project. The code restricts the sharing of information among government agencies to the specific purpose for which the information was collected. It also prohibits agencies from disclosing data to commercial companies without explicit approval from the individual concerned. Private companies that would connect with the government to provide services on the Web site have to comply with the same rules.40 However, the government has not determined yet what penalties would apply for breach of these rules. Most importantly, there are still critical concerns about the potential information security risks these projects raise. They involve data access, sharing and management, the integrity and accuracy of the data, and the potential for hacking and fraud.41

The Bioethics Advisory Committee of Singapore (BAC) drew up guidelines to ensure that individuals undertake genetic testing voluntarily and to protect their privacy and the confidentiality of their information. Among the 24 recommendations BAC issued, one is that the results of genetic tests should not be disclosed to third parties, unless the person concerned consents.42 The group has also conducted studies on the ethics of stem cell research, as well as the use of human tissue for research. In 2007, they also developed new guidelines for the use of personal information in biomedical research.43