Singapore to form advisory council for ethical use of AI
Jun21

Singapore to form advisory council for ethical use of AI

Earlier this month, the Singapore Government announced the formation of an Advisory Council on the Ethical Use of Artificial Intelligence (AI) and Data as part of a wider push to support Singapore as a global hub for AI development and innovation. The council will be chaired by former Attorney-General VK Rajah, and will consist of representatives from technology companies and users of AI. What is the role of the Advisory Council? The Advisory Council will lead discussions and provide guidance to the Singapore Government on the responsible development and deployment of AI. It will work with key stakeholder groups on ethical issues arising from the use of AI. This will include working with industry to understand issues arising in the private sector; working with consumer advocates to understand consumer expectations in respect of AI; and working with the investment community to increase awareness of the need to incorporate ethical considerations in their AI investment decisions. Why is Singapore forming such an Advisory Council? AI is becoming an increasingly integral part of life in Singapore as the Government executes its “Smart Nation” initiative. For example, local bank OCBC has developed an AI-based automated chat system called Emma that can communicate with customers and work out home loans; scientists at A*star’s Genome Institute of Singapore are using AI to pinpoint the roots of gastric cancer by scanning the entire genomes of a few hundred gastric cancer tumours; and researchers from the Saw Swee Hock School of Public Health and Singapore’s National Environment Agency has developed an AI agent to forecast dengue incidence up to four months ahead by learning the seasonal patterns of dengue cases over the last decade. These are just a few recent use cases as, with top-down support from the Government, Singapore embarks on an effort to position itself as a global centre of excellence in AI. Putting in place the Advisory Council, as part of a wider set of initiatives in the AI space, is the start of an effort to build a framework for trust in AI. What does “ethics” mean in this context? In making the announcement, the Infocomm Media Development Authority (IMDA) provided its own definition of “ethics” in the context of AI: “Ethics encompasses issues surrounding fairness, transparency and the ability to explain an AI’s decision.” This is a concept that will no doubt develop in the coming years but by providing a definition and, in particular, emphasising a need for AI to be able to explain itself, the IMDA appears to be setting out in general terms what it considers to be “ethical” in the context of AI. What else is Singapore...

Read More
New direct marketing act and other proposed amendments to the PDPA
May30

New direct marketing act and other proposed amendments to the PDPA

Key takeaways Singapore’s Personal Data Protection Commission (PDPC) is proposing a new act on direct marketing that will combine the provisions in the Spam Control Act with the Do-Not-Call provisions in the Personal Data Protection Act (PDPA). The new act will also include some changes to streamline the regulations for all unsolicited commercial messages. A new Enhanced Practical Guidance framework has been proposed that will allow the PDPC to provide “determinations” with regulatory certainty on whether specific business activities are PDPA-compliant. A review of the existing exceptions to the consent obligation set out in the Second to Fourth Schedules to the PDPA will be undertaken, with a view to updating them for continuing commercial relevance. The deadline to submit comments on these proposals is 5pm on 7 June 2018. What you need to know about this Public Consultation On 27 April 2018, the PDPC released a Public Consultation Paper with a number of proposed changes to the PDPA. This Public Consultation follows in the wake of two recent public consultations conducted last year which dealt with proposed guidelines on the use of NRIC numbers, enhancements of the way in which data is collected, used and disclosed, and on the introduction of a data breach notification regime. We discuss some of the key proposals of this Public Consultation below. 1. New act to merge direct marketing regulations Unsolicited commercial messages are currently regulated under two Acts – the PDPA and the Spam Control Act (SCA). Presently, the SCA applies to electronic messages (i.e. email and text messages) sent in bulk, while the Do-Not-Call (DNC) provisions of the PDPA applies to marketing messages sent to a Singapore telephone number. The PDPC proposes to merge the SCA and the DNC provisions of the PDPA into a new act that will govern all unsolicited commercial messages, mirroring the approach taken in other jurisdictions such as Hong Kong and the United Kingdom. The new act will also introduce some additional changes including the extension the DNC provisions to all unsolicited marketing text messages sent to Singapore numbers (not just those sent in bulk) and by extending the SCA provisions to unsolicited messages sent through instant messaging platforms (e.g. WhatsApp and LINE). Amendments are also proposed to align the time period afforded to organisations to effect a withdrawal of consent or unsubscribe request from an individual. These changes are intended to reduce ambiguity for organisations in complying with different requirements when sending marketing messages. 2. New Enhanced practical guidance framework The PDPC proposes to introduce a new Enhanced Practical Guidance Framework to supplement the existing general advisory guidelines and guides it publishes. The proposed Framework...

Read More
IMDA releases long-awaited proposed changes to the Films Act
Dec08

IMDA releases long-awaited proposed changes to the Films Act

  On 4 December 2017, the Info-communications Media Development Authority of Singapore (“IMDA”) released its long-awaited public consultation paper on the proposed changes to the Films Act (Cap. 107). Minister for Communications and Information, Yaacob Ibrahim, first indicated in January of this year that the government was looking to amend both the Films Act and Broadcasting Act to take into account changes in technology. One broad theme that emerges from the proposed amendments is the fact that the IMDA is focussing its regulatory efforts on the distribution and public exhibition of films. While changes are also proposed to include digital streaming technology under the regime, the emphasis on “public exhibition” indicates that IMDA is, for the purposes of the current consultation at least, taking a lighter-touch approach to regulating consumer-focussed over-the-top video streaming services. There are several proposed amendments, but this post sets out the four key proposals you should be aware of. Four key proposed changes Formalisation of co-classification scheme. Following successful trials in 2011 and 2015, IMDA now proposes to formalise its industry co-classification scheme. This scheme allows employees of industry players to register and be trained as film content assessors. These industry players will then be allowed to independently co-classify films up to the PG-13 rating through their film content assessors. Safeguards will be put in place to ensure the system is not abused, such as IMDA’s right to conduct sample audits of films that have been co-classified and penalties for misclassification. Introduction of video games class licence. Currently, video games are often submitted for classification by wholesale distributors. For video games classified as M18, point-of-sale requirements are attached to the classification certificate issued by IMDA (e.g. ensuring the games are not sold to under-aged consumers). The downstream retailers that sell the video games to consumers are often not made aware of these requirements, defeating their purpose. IMDA proposes introducing an automatic class licence scheme for retailers that sell video games on physical media (e.g. on DVDs) to make them directly responsible for complying with the point-of-sale requirements. The licence will be automatic with no registration required, and will not involve the payment of any licence fees. Clarification that the films licence is only intended to apply to the distribution and public exhibition of films. IMDA has clarified that its films licensing scheme is only targeted at the distribution and public exhibition of films and is proposing amendments to reflect this. Amendments will also be made to ensure that films publicly exhibited by means of streaming or other digital transmission are also included under this scheme. In determining what is a “public exhibition” requiring a licence,...

Read More
The Hotel of the Future: Legal Considerations in Hotel Innovation
Oct17

The Hotel of the Future: Legal Considerations in Hotel Innovation

Imagine having your luggage checked straight to your hotel as you alight from your plane, and the next time you see it will be in your hotel room. Lugging of bags from the airport to the hotel may become a thing of the past. Or imagine using your phone to access your room as well as attractions, instead of having to juggle multiple access cards and tickets. This “Hotel of the Future” may soon be a reality, if the recommendations of Singapore’s Hotel Innovation Committee (HIC) are followed. The HIC was formed in February 2016 to oversee the industry’s adoption of innovative solutions, following the recommendations of the Hotel Industry Expert Panel Report. The HIC has released its Best Practices Guide for Hotels in July 2017, and they are currently evaluating submissions received for the Tourism Innovation Challenge for Hotels, a crowd-sourcing pitch exercise. In this post, we look at the opportunities that these developments bring for the hotel industry and comment on some of the key legal considerations for the “Hotel of the Future”, mapped to some of the HIC’s recommendations. The innovation opportunity The hotel sector is well positioned to reap the benefits that technology may bring, driven by rising demand from increasingly sophisticated travellers, and greater applicability of technology in providing a more seamless experience. Innovation will be fundamental in transforming the hotel sector towards productivity driven growth. This is especially important in light of the increased competition as seen in the rise in the number of hotel rooms in Singapore in recent years. Between 2012 and 2016, total available room nights rose by nearly 30% from 12,477,908 in 2012 to 16,161,862 in 2016, which dampened revenue by approximately 12% (average revenue per available room dropped from $226 in 2012 to $198.8 in 2016). Key legal considerations 1. Privacy and data protection – Responsible collection and usage of information As guests connect via a growing number of digital touchpoints, hotels will generate and collect more data than ever before, whether via wearable technology (for in-house payments, room access and even entry to attractions), targeted marketing (such as providing tailored sightseeing recommendations) or loyalty programmes. With all of this data comes the obligation to comply with data protection laws – including, in particular, the Personal Data Protection Act (PDPA). Organisations need to have robust processes and systems in place. Not only is compliance a legal requirement but it is also good business practice. Taking steps such as being transparent about data collection practices, obtaining appropriate consents and keeping data secure will be key to building a trusted relationship with guests in the Hotel of the Future. Our...

Read More
Introducing Singapore’s new draft Cybersecurity Bill
Jul12

Introducing Singapore’s new draft Cybersecurity Bill

On 10 July 2017, Singapore’s long-awaited draft Cybersecurity Bill was introduced. This is a timely development, especially in view of recent cybersecurity attacks such as the Advanced Persistent Threat attacks targeting two of Singapore’s universities and the global WannaCry and Petya / Petna malware attacks. As a small and highly connected nation, Singapore is dependent on info-communications technology, and cybersecurity threats need to be taken seriously. Attacks on critical information infrastructure (CII) systems that manage utilities, healthcare, transportation and other essential services can lead to disruptions that can cripple Singapore’s economy and lead to loss of life. Even though the current Computer Misuse and Cybersecurity Act (CMCA) already has some provisions on cybersecurity, it primarily concerns cybercrime such as e-commerce scams and hacking. This draft Cybersecurity Bill caters more broadly to the security of a computer or computer system against unauthorised access or malicious acts, to preserve their availability and integrity, or the confidentiality of information stored or processed in them. The intention behind the draft Cybersecurity Bill is to have a coordinated national approach to cybersecurity, and ensure that CIIs across all sectors are protected consistently. Its provisions will apply equally to both public and private sectors. The following are the key provisions under the draft Cybersecurity Bill: Appointment of Commissioner and Powers. The powers of the Cybersecurity Bill will vest in the Commissioner of Cybersecurity, who has various functions including the overseeing and maintenance of cybersecurity in Singapore. Critical Information Infrastructure. CIIs are computers or computer systems that are necessary for the continuous delivery of essential services that Singapore relies on, the loss or compromise of which will lead to a debilitating impact on national security, defence, foreign relations, economy, public health, public safety or public order of Singapore. Currently, essential services have been identified in 11 sectors, including utilities, banking and finance, media, info-communications, healthcare and transportation. The owners of CIIs, which are defined as persons with, amongst others, effective control over the operations of the CII, have certain statutory duties, including the duty to comply with codes and directions, to conduct audits and risk assessments, to report cybersecurity incidents including any incident that occurs in respect of the CII and any incident that occurs in respect of any computer or computer system under the owner’s control that is interconnected with or communicates with the CII, and to participate in cybersecurity exercises. Responses to Cybersecurity Threats and Incidents. If there is a cybersecurity threat or incident, the Commissioner can choose to investigate it in order to determine its impact, to prevent further harm and to prevent further incidents. These investigative powers can be delegated to authorised...

Read More