Grant / January 2020

Data Security Breach Notification in Singapore: The Role of the Data Privacy Officer in Enhancing Trust Relationships

This project will examine how the voluntary data security breach notification mechanism found in Singapore’s Personal Data Protection Act has been implemented by private organizations in their policies and practices. Applying comparative and qualitative methods, including interviews with chief data privacy officers, the researchers seek to understand organizational behavior in compliance with data security regulations, and to find a regulatory design that provides adequate assurance while encouraging organizations to take risks by acting in a trustful way beyond legal compliance toward affected individual consumers.