Guidelines on Security and Privacy for Installation of CCTVs and Monitoring Devices at Workplaces

131 Mr Desmond Choo asked the Minister for Manpower (a) what is the current policy or guidelines for employers installing CCTVs or other monitoring devices at workplaces; and (b) how are issues of safety and security balanced with workers' privacy.

Dr Tan See Leng: Under the Personal Data Protection Act (PDPA), organisations are required to comply with obligations if they undertake activities relating to the collection, use or disclosure of personal data. These obligations apply to the use of surveillance cameras as well as other monitoring devices at the workplace, where personal data is collected.

Surveillance cameras and monitoring devices are useful tools in addressing safety and security concerns at the workplace, such as helping companies monitor high-risk work activities and deterring unsafe work behaviour. As organisations strive towards better workplace safety and health outcomes, they must also ensure that they comply with their PDPA obligations to protect their workers’ personal data.

For example, organisations should set out clear rules on how and where these devices will be used; devices should be deployed only at locations with safety and security concerns and not at private areas, such as restrooms. Organisations must inform workers of the purpose of the device, such as through the employee handbook or easily accessible human resource policies. Organisations must also implement data protection safeguards and controls on the storage and use of recordings, including the duration to retain such personal data. These details are in the Advisory Guidelines on Key Concepts in PDPA.