PDPC Will Ensure Balanced Guidelines on IC Use

11 Jan 2018

Forum reply on The Straits Times, 11 January 2018

We thank Mr Shah Pakri for his letter (Address issues that may arise with proposed rules on IC use; Jan 1)

The proposed NRIC guidelines by the Personal Data Protection Commission (PDPC) do not restrict private sector organisations from collecting identity card (IC) numbers when it is required by law or necessary to verify a person's identity.

However, the building management must put in place measures to ensure that the IC details collected are properly secured.

In general, building management should not retain the ICs of individuals as the collection of the personal data should be sufficient for verification.

With respect to public sector agencies, members of the public must comply with procedures where identity verification is required.

In November last year, the PDPC sought feedback on the proposed guidelines.

In the finalised guidelines that will be released later this year, the PDPC will ensure that there is a balance between protecting individuals from indiscriminate collection, use and disclosure of IC numbers, and the legitimate needs of organisations.

The PDPC will not prescribe the types of identifiers that organisations should adopt in place of the IC or IC numbers, given the varying needs of businesses.

Nonetheless, we will share best practices in the industry to serve as a guide and to help organisations review their present procedures.

Evelyn Goh (Ms)
Director, Communications & Policy
Personal Data Protection Commission

Tags: