A Bill restricting the use of personal contact tracing data in criminal investigations to only serious crimes, such as murder and terrorism, was passed in Parliament yesterday, with assurances of safeguards to protect people’s data.
This comes after a public outcry when it was revealed last month that the police could use TraceTogether data for criminal investigations as well as for contact tracing.
The safeguards in place include deleting TraceTogether and SafeEntry data for Covid-19 contact tracing from government servers when the pandemic is over, as well as encrypting any extracted data used for investigations by the police and restricting its use to only seven categories of serious crimes.
Leader of the Opposition Pritam Singh also rose in support of the proposed law, urging Singaporeans to download the TraceTogether app or use the token because the safety of the community is at stake.
Speaking at the start of a debate on the Bill yesterday, Foreign Minister Vivian Balakrishnan assured Parliament that the Government’s intention in introducing it urgently was to remove any doubt among Singaporeans and assure them the data will be properly safeguarded and used appropriately.
This is so that “we may continue to focus our attention towards battling… the Covid-19 global pandemic”, said Dr Balakrishnan, who is also Minister-in-charge of the Smart Nation Initiative.
“This is crucial because the virus is a clear, present and… growing threat. And it will remain so for some time. We cannot afford to be distracted from our fight against Covid-19,” he said.
Besides TraceTogether and SafeEntry data, the Bill covers the private sector’s BluePass programme, which contributes data to TraceTogether.
Dr Balakrishnan added that limiting the use of contact tracing data with the proposed law is “a result of a delicate balance between the right to public health, the right to public security and respecting the sensitivity of personal data during this extraordinary time”.
Safeguards to protect people’s contact tracing data include deleting the data in the TraceTogether app or token, as well as SafeEntry servers, after 25 days, so the police cannot request the data after it has been purged, he said.
Also, no other written law can override the protections offered by the Bill, which Dr Balakrishnan said was an added assurance that public agencies may not use contact tracing data for anything else.
Dr Balakrishnan also said that the Government acknowledged its error in not stating that contact tracing data from TraceTogether is not exempt from the law on criminal investigations, saying: “I take full responsibility for this mistake, and I deeply regret the consternation, the anxiety that was caused by my mistake.”
As part of further safeguards, only officers who hold the rank of inspector or higher can request the data, said Minister of State for Home Affairs Desmond Tan.
Eighteen MPs who debated the Bill also raised many issues. These included concerns that the Bill would set a precedent in res-tricting the authorities from having access to information for future investigations.
Some called for the proposed law to expand on the list of crimes that the data could be used for, while others felt trust had been broken since assurances were given last year that the data would be used only for contact tracing.
Dr Balakrishnan clarified that SafeEntry data has been used by the police for investigations into offences before. He also said that the new legislation does not set a precedent, adding that it is sui generis – or unique.
“It is not in the public interest to deny the police access to data necessary to ensure public safety and the proper conduct of justice.”
