Singapore security firms raise concerns over new NRIC collection guidelines

Security firms in Singapore have raised concerns over the new guidelines banning organisations from using and collecting National Registration Identity Card (NRIC) numbers from September next year, even as consumers cheer the move. While some security agencies providing services to private condominiums and commercial buildings already have some measures in place to abide by the new rules, others said it will need some time to tweak work processes.

From Sept 1 next year, organisations will not be allowed to collect, use and disclose NRIC numbers, the Personal Data Protection Commission (PDPC) announced . They are also not allowed to make copies of, or retain the physical cards, except under specific circumstances. The new guidelines do not apply to the public sector or critical infrastructure buildings.

Agencies acknowledged that these measures will have some impact on their work. Some raised issues in terms of balancing the need for maintaining security, and also abiding by the new guidelines.

One alternate measure suggested by the PDPC includes providing the last three numerical digits of a NRIC and checksum. But Ms Manjit Kaur, director of Deep Security Services, noted that this might make it “difficult to trace back” in the event something happens.
Similarly, president of the Association of Certified Security Agencies (ACSA) Robert Wiener, pointed out that without an identity document like the NRIC, it would be a challenge for security guards of private residences, for example, to accurately identify individuals who are suspected of breaking into an apartment or condominium complex.

Noting that it is currently common practice for NRICs to be used in exchange for a building access pass, Reachfield Security and Safety Management’s general manager Grace Lim said another issue that could arise is when there is nothing of value to exchange for an access pass, especially in a commercial building. “How do you make sure the person returns it? What if they run away with it? Then we will have another security issue at hand,” Ms Lim said.

Nevertheless, her company has tweaked its visitor management systems about two months ago to omit the NRIC number in its entirety. Ms Lim said the company’s system now only shows the visitor’s NRIC last three digits, and checksum, when an IC is scanned. Mr Shane Shim, general manager of Westminster Investigation and Security Management, said that one concern was members of the public “misusing…or misunderstanding the rules”, thinking that they do not need to – and refusing to – show their NRIC in any circumstance

Previous articleIsrael’s Cyberbit banks on the rising demand of cybersecurity in India
Next articleDefence Ministry begins process to acquire 6.5 lakh assault rifles