Case Details
- Citation: [2019] SGPDPC 12
- Court: Personal Data Protection Commission
- Date: 2019-06-06
- Judges: Yeong Zee Kin, Deputy Commissioner
- Plaintiff/Applicant: -
- Defendant/Respondent: Starhub Mobile Pte Ltd, M1 Limited and Singtel Mobile Singapore Pte. Ltd.
- Legal Areas: Data protection – Consent obligation – Withdrawal of consent
- Statutes Referenced: Personal Data Protection Act, Personal Data Protection Act 2012
- Cases Cited: [2019] SGPDPC 12
- Judgment Length: 18 pages, 4,791 words
Summary
This case concerns a complaint made by an individual mobile subscriber against the three major mobile network operators in Singapore - Starhub Mobile Pte Ltd, M1 Limited, and Singtel Mobile Singapore Pte. Ltd. The key issue was whether the operators could charge subscribers for the Caller Number Non-Display (CNND) service, which allows callers to prevent their phone numbers from being displayed to call recipients. The Personal Data Protection Commission (PDPC) investigated the matter and determined that the operators' practice of charging for CNND services contravened the consent requirements under the Personal Data Protection Act (PDPA).
What Were the Facts of This Case?
The complainant was an individual subscriber of Starhub Mobile's services. He had requested Starhub to withdraw his consent for his telephone number to be disclosed to call recipients. In response, Starhub informed him that he would need to activate the CNND value-added service, for which a one-time activation charge and monthly recurring charges would apply.
The complainant was not agreeable to paying these charges, as he believed that under the PDPA, he should not have to pay to prevent his telephone number from being disclosed. He therefore raised the matter with the PDPC, which then commenced an investigation into the CNND practices of all three major mobile operators in Singapore.
The PDPC's investigation found that when a call is made, the caller's telephone number is automatically transmitted from the caller's network to the recipient's network as part of the call routing process. This occurs regardless of whether the caller has activated CNND. The difference lies in whether the recipient's network is instructed to display or withhold the caller's number.
If the call recipient has enabled caller ID services, the recipient's network will forward the caller's number to the recipient's device. However, if the caller has activated CNND, the caller's network will transmit a "Presentation Restricted" indicator, which instructs the recipient's network to withhold the caller's number from being displayed. The successful withholding of the caller's number is dependent on cooperation between the caller's and recipient's networks.
What Were the Key Legal Issues?
The key legal issue in this case was whether the mobile operators' practice of charging subscribers for the CNND service contravened section 16 of the Personal Data Protection Act (PDPA). Section 16 of the PDPA provides that an individual has the right to withdraw consent for the collection, use or disclosure of his personal data.
The PDPC had to determine whether a subscriber's telephone number constitutes "personal data" under the PDPA, and whether the operators' requirement for subscribers to pay for CNND services in order to withhold their numbers from being disclosed amounted to a violation of the consent withdrawal right under section 16.
How Did the Court Analyse the Issues?
On the issue of whether telephone numbers constitute personal data, the PDPC rejected the operators' argument that mobile numbers do not constitute personal data, as a call recipient may not be able to identify the caller simply from the number alone. The PDPC cited its own advisory guidelines, which state that mobile numbers are likely to be personal data as they can uniquely identify or be associated with an individual.
The PDPC then considered whether the operators' practice of charging for CNND services contravened the consent withdrawal right under section 16 of the PDPA. The PDPC noted that the transmission of a caller's number to the recipient's network occurs automatically as part of the call routing process, regardless of whether CNND is activated. The CNND service merely instructs the recipient's network to withhold the display of the caller's number.
The PDPC found that by requiring subscribers to pay for CNND services in order to prevent their numbers from being disclosed, the operators were effectively making the exercise of the consent withdrawal right contingent on the payment of a fee. The PDPC held that this was not in keeping with the intent of section 16, which is to allow individuals to withdraw consent without undue difficulty.
What Was the Outcome?
The PDPC found that the mobile operators' practice of charging for CNND services contravened section 16 of the PDPA. The PDPC ordered the operators to cease charging subscribers for CNND services, and to provide the CNND service free of charge to any subscriber who requests it for the purpose of withdrawing consent to the disclosure of their telephone number.
Why Does This Case Matter?
This case is significant as it clarifies the scope of an individual's right to withdraw consent under the PDPA. The PDPC's decision makes it clear that organizations cannot impose conditions or charges on individuals who wish to exercise their right to withdraw consent for the disclosure of their personal data.
The case also reinforces the PDPC's position that telephone numbers, including mobile numbers, constitute personal data under the PDPA. This has important implications for how organizations handle and protect telephone number data.
More broadly, the case highlights the tension between an individual's data privacy rights and an organization's commercial interests. The PDPC's ruling sends a clear message that data protection laws will be enforced to safeguard individual rights, even where this may impact an organization's revenue streams or business model.
Legislation Referenced
Cases Cited
Source Documents
This article analyses [2019] SGPDPC 12 for legal research and educational purposes. It does not constitute legal advice. Readers should consult the full judgment for the Court's complete reasoning.