Back to Resources
AI Governance14 min read

AI & PDPA Compliance: What Singapore Businesses Must Know

How to deploy AI systems that meet Singapore's Personal Data Protection Act — consent, data minimisation, and on-device processing.

Haojun See
Haojun See

Founder & Director, On The Ground

Updated 26 May 2026

Why PDPA Matters for AI Deployments

Every AI system that touches personal data in Singapore falls under the Personal Data Protection Act. This isn't theoretical — the Personal Data Protection Commission has actively enforced against organisations whose AI and automated systems mishandled personal data. The enforcement reality in 2026: • Maximum financial penalty: S$1 million or 10% of Singapore annual turnover (2021 amendment) • The PDPC published 15 enforcement decisions in 2025, with three specifically citing AI or automated processing failures • Directions can require you to stop processing entirely — shutting down an AI system you've invested in • Published decisions name your organisation — clients, partners, and competitors see them Beyond penalties — the trust equation: For professional services firms (legal, accounting, consulting, healthcare), PDPA compliance isn't just a regulatory checkbox. It's the foundation of client trust. A single breach involving client data can destroy a practice: • Clients leave immediately (especially in legal and healthcare) • Professional regulatory bodies investigate separately (Law Society, SMA, ISCA) • Insurance claims spike and future premiums increase • Staff morale and recruitment suffer Why AI makes PDPA harder: Traditional data processing is relatively easy to govern — you know where data goes because you put it there. AI introduces new challenges: • Data flows are less visible. When a staff member pastes client information into ChatGPT, where does that data go? To servers in the US? Into training data? The answer depends on the service tier and terms — and most organisations don't check. • Purpose creep is natural. AI systems improve when fed more data. The temptation to repurpose collected data for AI training breaches purpose limitation unless you obtained sufficiently broad consent. • Third-party processing multiplies risk. Every AI vendor you use is a data intermediary. Their security, their sub-processors, their training policies — all become your responsibility to assess. • Outputs can reveal inputs. Even if you don't share raw data, AI-generated outputs can inadvertently reveal personal information from training or processing (the "memorisation" problem). The good news: PDPA compliance for AI is achievable with the right architecture and policies. The key is building compliance into your AI deployment from day one, not retrofitting it after launch.

Key PDPA Obligations Relevant to AI Systems

PDPA has nine main obligations. Five are directly critical for AI deployments: 1. Consent Obligation (Section 13) You must obtain valid consent before collecting, using, or disclosing personal data through AI systems. For AI, this means: • Your privacy policy must mention AI processing if it represents a use the individual wouldn't reasonably expect • Consent must be specific enough to cover the AI use case (not just "service delivery") • Deemed consent (Section 15) may apply for business contact information in B2B contexts • The "legitimate interests" exception (Section 17A, 2021 amendment) can cover some internal AI efficiency uses — but requires a risk assessment 2. Purpose Limitation Obligation (Section 18) Personal data collected for one purpose cannot be used for another without fresh consent. For AI: • Data collected for "providing legal services" cannot be repurposed for "training an AI model" without consent • Using client data to improve your AI system's accuracy likely constitutes a new purpose • Analytics and insights derived from personal data may constitute a new use • Solution: be explicit in your consent clauses about AI training and improvement 3. Data Minimisation (Notification Obligation + reasonable collection) The PDPC expects you to collect only what is necessary. For AI: • If your AI reviews contracts for clause types, it doesn't need client names — strip them • If your AI classifies customer inquiries, it may not need the full email thread — summarise first • Implement pseudonymisation by default: process AI tasks on de-identified data, re-link identifiers only in the output • The less personal data your AI touches, the lower your compliance burden 4. Protection Obligation (Section 24) You must protect personal data with reasonable security. For AI: • AI vendor security becomes your responsibility to assess (SOC 2, ISO 27001, penetration testing) • Data in transit to AI APIs must be encrypted (TLS 1.3 minimum) • Access controls: who in your organisation can submit data to AI systems? • Logging: maintain records of what data was processed by which AI system, when • Incident response: if an AI vendor is breached, can you notify affected individuals within the mandatory timeframe? 5. Transfer Limitation Obligation (Section 26) Transferring personal data outside Singapore requires safeguards. For AI: • Most cloud AI services (OpenAI, Anthropic cloud, Google AI) process data outside Singapore • You need one of: consent, binding corporate rules, comparable standard country, or contractual safeguards • On-device AI processing eliminates this obligation entirely — data never leaves Singapore • For cloud processing, verify the vendor's data residency options (some offer Singapore-region processing) The other four obligations (Notification, Access, Correction, Retention) also apply but are more straightforward to manage with standard data governance practices.

The On-Device Processing Advantage

On-device AI processing — running AI models on your own hardware rather than sending data to cloud services — is the single most effective PDPA risk reduction strategy for AI deployments. What "on-device" means in practice: An AI model (large language model, classifier, or document processor) runs on a computer you own and control — your Mac, your office server, or a Singapore-based private cloud instance. Client data is processed locally. Nothing leaves your network. PDPA benefits of on-device processing:Section 26 (Transfer) — eliminated. No data crosses borders. The most complex compliance challenge disappears entirely. • Section 24 (Protection) — simplified. You control the security perimeter. No third-party vendor security to assess. No supply chain risk from sub-processors. • Section 18 (Purpose) — clearer. You control exactly what the AI does with data. No ambiguity about vendor training policies. • Section 24A (Breach notification) — reduced scope. Breach risk is limited to your own infrastructure, which you control and can harden. What's possible on-device in 2026: The hardware and model landscape has matured dramatically: • Apple Silicon Macs (M3/M4 Pro/Max/Ultra) — Run 7B–70B parameter models locally. Sufficient for document review, classification, summarisation, and drafting. A Mac Studio with M4 Ultra handles most legal and professional services AI tasks. • Quantised models — Models like Llama 3, Mistral, and Phi-3 can be quantised to run on consumer hardware without significant quality loss for focused tasks (document classification, extraction, template completion). • Local inference frameworks — Ollama, llama.cpp, LM Studio, and Apple's own MLX framework make running models locally straightforward. No ML engineering required. Performance comparison (typical legal document tasks): | Task | On-device (M4 Max, 70B model) | Cloud (Claude Opus) | |------|------|------| | NDA clause extraction | 8 seconds | 3 seconds | | Contract summary (10 pages) | 25 seconds | 8 seconds | | Risk flag identification | 12 seconds | 4 seconds | | Template draft generation | 30 seconds | 10 seconds | On-device is slower but not dramatically so for most practical tasks. The compliance benefits far outweigh the speed difference. When cloud is still appropriate: • Non-confidential research (public case law, statutory interpretation) • Internal productivity tasks not involving client personal data • Tasks requiring the absolute largest models (complex reasoning across very long documents) • When you've implemented proper pseudonymisation and stripped all personal identifiers Our architecture recommendation: Hybrid deployment. On-device for all client-confidential processing. Cloud (with enterprise-tier no-training agreements) for general research and non-personal-data tasks. This gives you PDPA compliance where it matters most without sacrificing capability for non-sensitive work.

AI-Specific Guidance from PDPC

The Personal Data Protection Commission has published several frameworks and advisory guidelines relevant to AI: Model AI Governance Framework (2020, updated 2024) This non-binding framework provides guidance on responsible AI deployment. Key principles: • Transparency — Organisations should be transparent about their use of AI, including how personal data is used in AI systems. • Explainability — Individuals affected by AI decisions should be able to understand the general logic involved. • Fairness — AI systems should not produce discriminatory outcomes for protected groups. • Human oversight — Meaningful human review should be maintained for significant AI decisions. • Accountability — Clear governance structures for AI deployment, including designated responsible persons. While non-binding, the PDPC has cited this framework in enforcement decisions as the standard of care expected from organisations deploying AI. Advisory Guidelines on the PDPA for AI (2024) More specific than the Governance Framework, these guidelines address: • When AI processing constitutes "use" of personal data (it almost always does) • How to structure consent for AI applications • The interplay between automated decision-making and the access obligation • Recommended risk assessment methodology for AI systems involving personal data • Guidance on "AI-as-a-Service" and data intermediary responsibilities PDPC's position on key AI scenarios:Using third-party AI APIs with personal data: Requires assessment of the vendor as a data intermediary. Contractual safeguards required. Free-tier services that train on inputs are problematic. • Fine-tuning models on personal data: Constitutes a new "use" requiring consent. Must be included in your stated purposes. Individuals retain access rights to information about how their data was used. • AI profiling and automated decisions: Not prohibited but requires transparency and a mechanism for individuals to contest automated decisions that significantly affect them. • Anonymised data for AI: If data is truly anonymised (irreversible, no re-identification possible), PDPA does not apply. But the PDPC applies a high standard for what counts as "anonymised." Pseudonymised data (where re-identification is possible with additional information) remains personal data. Practical implication: Treat the Model AI Governance Framework as the standard you'll be measured against in any enforcement action. It's technically non-binding, but the PDPC consistently references it when assessing whether organisations have met their protection obligations.

Practical Compliance Checklist for AI Projects

Use this checklist before deploying any AI system that processes personal data: Before deployment: • [ ] Identify all personal data that will flow through the AI system (names, NRIC, email, phone, financial data, health data) • [ ] Determine your lawful basis for processing (consent, legitimate interests, contractual necessity) • [ ] Update your privacy policy to mention AI processing • [ ] Update collection notices and consent forms if AI processing is a new purpose • [ ] Assess the AI vendor's data protection practices (SOC 2, ISO 27001, no-training policy, data residency) • [ ] Execute a data processing agreement with the vendor (or confirm adequate contractual terms) • [ ] Verify data residency — where is data processed? If outside Singapore, what transfer safeguards apply? • [ ] Implement data minimisation — can you strip personal identifiers before AI processing? • [ ] Define retention periods for AI-processed data and intermediate outputs • [ ] Document your Data Protection Impact Assessment (DPIA) for the AI system • [ ] Brief your Data Protection Officer on the deployment During operation: • [ ] Maintain logs of what personal data is processed by the AI system • [ ] Implement access controls — limit who can submit data to the AI system • [ ] Monitor for purpose creep — is the AI being used for purposes beyond what was consented? • [ ] Conduct periodic accuracy reviews — are AI outputs correct? • [ ] Train staff on what data can and cannot be processed through AI tools • [ ] Respond to access requests — can you tell individuals how their data was used by AI? • [ ] Purge intermediate outputs according to your retention schedule If something goes wrong: • [ ] Breach notification plan — can you notify PDPC within 3 days and affected individuals "as soon as practicable"? • [ ] Containment procedure — can you stop the AI system processing immediately? • [ ] Investigation capability — can you determine what data was affected? • [ ] Remediation plan — can you correct or delete improperly processed data? For a more detailed, prompt-specific version of this checklist, see our PDPA Prompting Checklist.

Common PDPA Pitfalls with AI Tools

These are the most frequent compliance failures we see in Singapore businesses deploying AI: Pitfall 1: Staff using free-tier AI tools on client data The scenario: An associate pastes a client contract into free ChatGPT to "quickly summarise it." The data goes to OpenAI's US servers and may be used for model training. Why it's a problem: Cross-border transfer without safeguards (Section 26), potential training use breaches purpose limitation (Section 18), and no data processing agreement exists between your firm and OpenAI for free-tier use. Fix: Implement a clear AI usage policy. Provide staff with approved, paid-tier AI tools that have no-training commitments. Block access to free-tier AI services on your network if necessary. Train staff on what constitutes personal data. Pitfall 2: AI transcription of meetings without consent The scenario: You use an AI note-taker (Otter.ai, Fireflies, etc.) to transcribe client meetings. The recording is processed on overseas servers. Why it's a problem: Voice recordings are personal data. All participants must consent. Cloud processing triggers transfer obligations. The transcription service may retain recordings. Fix: Obtain explicit consent from all participants before recording. Use on-device transcription (Whisper model locally) where possible. If using cloud services, ensure Singapore-region processing or adequate transfer safeguards. Pitfall 3: Training AI on historical client data without consent The scenario: You feed 5 years of past client documents into an AI system to "improve its accuracy" for your firm's work. Why it's a problem: The original consent for those documents likely covered "providing legal/accounting/consulting services" — not "training an AI system." This is a new purpose requiring fresh consent (Section 18). Fix: Either obtain fresh consent from affected clients (impractical at scale), anonymise the data thoroughly before training (high bar), or use only data where your original consent clauses were broad enough to cover technology-assisted service improvement. Pitfall 4: AI-generated customer profiles without transparency The scenario: You use AI to analyse customer behaviour and generate scores or segments (credit risk, churn probability, upsell likelihood). Why it's a problem: Automated profiling triggers transparency obligations. Customers should know they're being profiled by AI. Access requests mean you may need to explain the profiling logic. Fix: Update your privacy policy to disclose AI profiling. Implement a mechanism for customers to contest automated decisions. Document your profiling logic in accessible terms. Consider whether the profiling could produce discriminatory outcomes. Pitfall 5: Retaining AI processing outputs indefinitely The scenario: Your AI system keeps all processed documents, extracted data, and intermediate outputs "just in case" — with no deletion schedule. Why it's a problem: Section 25 (Retention Limitation) requires you to cease retaining personal data when it is no longer needed for the purpose it was collected for. AI intermediate outputs (drafts, extractions, classifications) often contain personal data and must be subject to retention limits. Fix: Define retention periods for every category of AI output. Implement automated purging. When a client matter closes, purge all AI-generated intermediate data for that matter. Keep only the final work product in your document management system.

How Regulated Industries Should Approach AI

If you operate in a regulated industry, PDPA is your baseline — but sector-specific rules add additional layers: Legal sector: • Legal Professional Privilege may attach to AI-processed documents — treat AI outputs as potentially privileged • Law Society Practice Direction on Technology (2024) requires firms to assess technology risks to client confidentiality • Professional Conduct Rules require personal supervision of AI outputs before delivery to clients • Consider whether your PI insurance covers AI-assisted service delivery — check for technology exclusions • The Legal Technology Platform Programme offers additional funding for qualifying tech projects Healthcare sector: • Health Information Bill (2024) imposes stricter requirements than PDPA for patient data • National Electronic Health Record (NEHR) data requires explicit patient consent for AI use • AI-assisted diagnosis tools may require HSA approval as medical devices • Singapore Medical Council ethical guidelines address AI-assisted clinical decisions • Consider MOH's AI in Healthcare Guidelines (2023) for deployment frameworks Financial services: • MAS Technology Risk Management (TRM) Guidelines apply to AI systems handling financial data • MAS Notice on Cyber Hygiene requires additional security measures for data-processing systems • FEAT (Fairness, Ethics, Accountability, Transparency) principles apply to AI in financial services • AI-driven credit scoring or insurance underwriting triggers additional MAS scrutiny • FSTI grant scheme available for qualifying fintech/AI projects Accounting and audit: • ISCA Professional Standards apply to AI-assisted audit work • Audit working papers processed by AI retain their confidential status • Quality control standards require human review of AI-generated audit findings • Client engagement letters should address AI use in service delivery Common thread across regulated industries: 1. PDPA is the floor, not the ceiling 2. Sector regulators expect documented risk assessments for AI deployments 3. Human oversight and review remain mandatory — AI assists, humans decide 4. Explainability requirements are higher (you may need to explain AI reasoning to regulators) 5. On-device processing is strongly preferred for reducing regulatory risk across all sectors For legal-specific AI guidance, see our AI for Law Firms guide. For document automation with compliance built in, see our AI Document Automation guide.

Building PDPA-Compliant AI: Next Steps

PDPA compliance for AI is not optional and not difficult — but it does require deliberate architecture choices made at the start of a project, not retrofitted after deployment. Summary of key principles: 1. On-device first. Process personal data locally wherever possible. This eliminates the hardest compliance obligations. 2. Minimise by default. Strip personal identifiers before AI processing unless the AI genuinely needs them for the task. 3. Consent clearly. Update your privacy policies and collection notices to specifically address AI processing. 4. Vendor diligence. Assess every AI vendor as a data intermediary. Require contractual no-training commitments and clear data residency. 5. Retain responsibly. Define retention periods for AI outputs and purge systematically. 6. Train your people. Staff are the weakest link — an unapproved AI tool used once with client data can trigger a breach. How we help: We build AI systems for Singapore businesses with PDPA compliance engineered from the foundation — not bolted on as an afterthought. Our approach: • On-device deployment as the default for client-confidential data • Data minimisation architecture (pseudonymisation, selective processing) • Compliance documentation included with every build (DPIA, data flow maps, vendor assessments) • Staff training on PDPA-safe AI usage • Ongoing compliance monitoring and annual review Whether you're a law firm handling client matters, a healthcare provider processing patient data, or a financial services firm managing customer accounts — we build AI that meets your regulator's expectations from day one. Book a free compliance review call — we'll assess your current AI usage against PDPA requirements and identify any gaps before they become enforcement issues. For the practical checklist to implement immediately, download our PDPA Prompting Checklist. For cost estimation on PDPA-compliant AI builds, see our AI App Development Cost Guide.

Frequently asked questions

Can I use ChatGPT or Claude with customer data under PDPA?

It depends on the data type and tier. Free-tier AI tools typically use your inputs for training — this likely breaches purpose limitation and consent obligations. Paid enterprise tiers with no-training commitments are safer but still involve cross-border transfer. For personal data, you need either explicit consent for AI processing or must use on-device alternatives.

What are the penalties for PDPA violations involving AI?

Financial penalties up to S$1 million or 10% of annual Singapore turnover (whichever is higher) for organisations. Directors can face personal liability. Beyond fines, the PDPC publishes enforcement decisions — the reputational damage often exceeds the financial penalty. In 2025, two enforcement actions specifically cited AI-related data processing failures.

Does on-device AI processing avoid all PDPA issues?

On-device processing eliminates the cross-border transfer issue (Section 26) entirely, which is the most problematic obligation for AI deployments. However, you still need lawful basis for collection, must observe purpose limitation, apply data minimisation, and respect retention limits. On-device is necessary but not sufficient.

Do I need to tell customers their data is processed by AI?

The PDPC's advisory guidelines recommend transparency about AI processing as best practice. For consent to be valid under PDPA, the individual must know what they're consenting to. If AI processing represents a materially different use from what the customer reasonably expects, you should disclose it. Update your privacy policy and collection notices.

How does PDPA apply to AI transcription of meetings or calls?

Audio recordings containing personal data are covered by PDPA. Using cloud-based AI transcription services means the recording leaves your premises — triggering transfer and processing obligations. You need consent from all participants, a vendor with no-training commitments, and ideally Singapore-hosted processing. On-device transcription (e.g., using local Whisper models) avoids the transfer issue.

What's the PDPC's position on AI-generated profiles or scores?

The PDPC's Model AI Governance Framework (2020, updated 2024) addresses automated decision-making. If you use AI to score, profile, or categorise individuals (credit scoring, hiring screening, risk assessment), you should: be transparent about the use of AI, provide a mechanism for review of automated decisions, and ensure the profiling logic doesn't produce discriminatory outcomes. PDPA's access obligation means individuals can request information about how their data is used in profiling.

Want to Apply This to Your Business?

We're a Singapore AI development and automation agency. Let's discuss how we can help solve your specific challenges.