Tsaaro got CERT-IN Empanelled | MeitY has published the DPDP Rules, 2023.
Tsaaro got CERT-IN Empanelled | MeitY has published the DPDP Rules, 2023.
Tsaaro got CERT-IN Empanelled | MeitY has published the DPDP Rules, 2023.
Tsaaro got CERT-IN Empanelled | MeitY has published the DPDP Rules, 2023.
Back To Home
Research Team (Tsaaro)
Singapore Considers Mandatory AI Data Notifications to Strengthen Privacy Protections

Singapore’s data protection regulator is considering new rules that would require businesses to notify users when their personal data is used to train artificial intelligence models. The proposal aims to improve transparency and strengthen privacy protections as the use of generative AI becomes more widespread.
The increasing adoption of AI by banks, insurers, retailers, and social media platforms has led to large-scale collection and processing of personal data. Regulators are concerned that users may not be fully aware when their information is used for AI training, particularly when companies rely on broad privacy notices.
To address this issue, Singapore’s Personal Data Protection Commission (PDPC) has proposed AI-specific notifications such as:
Disclosure requirements: Businesses would be required to provide clear explanations about how personal data will be used, the purpose of the AI model, and the types of data involved.
Opt-Out Mechanisms: Organisations would also be encouraged to offer simple mechanisms for users to withdraw consent or opt out.
User Notification: The proposed guidance suggests measures such as pop-up notices within digital products, dedicated webpages explaining AI data usage, and email notifications containing opt-out links.
Privacy concerns have also expanded beyond software services to AI-enabled devices such as smart glasses, smartwatches, and biometric payment systems, which collect facial, fingerprint, and other biometric data. International incidents involving covert recording and misuse of AI-enabled devices have increased public concern about privacy risks.
Several regulatory questions remain unresolved. It is not yet clear whether businesses will need explicit user consent for AI training or whether an opt-out option will be sufficient. Uncertainty also exists regarding the treatment of anonymised data and whether organisations may restrict services when users refuse consent.
If implemented, the new rules would require companies in Singapore to review their data-handling practices, update privacy policies, and establish new notification and consent-management processes. For consumers, the proposals would provide greater transparency and control over the use of their personal data in AI-powered products and services.
News of the week
Anti-Tracking Fashion Startup Develops Clothing to Reduce AI Surveillance

Leipzig-based startup Urban Privacy has developed clothing and accessories designed to make it more difficult for AI surveillance systems to track individuals. The products include anti-tracking jackets featuring face-like patterns intended to confuse AI cameras, as well as asymmetric designs that make automated gender classification more difficult.
The founders state that the project aims to address concerns about how personal data collected through surveillance technologies is used and shared. Another product, a QR code scarf, displays a “no-photos-pls.com” link when photographed, discouraging unwanted image capture.
LAPD Ends Flock Safety License Plate Reader Agreement Over Privacy Concerns

The Los Angeles Police Department (LAPD) has ended its agreement with Flock Safety to use automated license plate reader (ALPR) cameras, citing concerns about privacy, data ownership, and security. Public concerns regarding Flock’s technology increased after a 2025 report by the University of Washington’s Centre for Human Rights alleged that the company had tested an information-sharing program that allowed federal agencies to access license plate data collected by local agencies without those agencies’ knowledge or consent.
Several other jurisdictions, including South Pasadena, Mountain View, Santa Cruz, Hillsborough, and Flagstaff, have also suspended or ended their relationships with Flock. An Office of Inspector General report recommended that LAPD halt the installation of new ALPR cameras and avoid entering new ALPR-related contracts until a broader review of vendors and data-sharing practices is completed and public input is obtained.
Chinese Cybersecurity Authority Flags Alleged Backdoor in Claude Code

A cybersecurity platform operated by China’s Ministry of Industry and Information Technology warned on Wednesday that it had identified a serious security risk in Anthropic’s AI coding tool, Claude Code. In a statement posted on its WeChat account, China’s National Vulnerability Database stated that Claude Code contains a built-in monitoring mechanism capable of transmitting sensitive information, including users’ geographic location and identity-related identifiers, to remote servers without obtaining user consent.
The database advised organisations and users to review affected systems immediately and either uninstall the impacted versions or upgrade to the latest secure release in which the alleged backdoor code has been removed. It also recommended that organisations strengthen controls on external network access for development tools and enhance traffic monitoring on core business networks to prevent the unauthorised transfer of sensitive data.
Want to stay ahead?
Secure your communications today with a tailored privacy and compliance strategy from Tsaaro.com.

