近期,新加坡国会就身份证号码使用和隐私保护问题进行了讨论。新加坡数码发展及新闻部长杨莉明在1月8日的国会会议上发表声明,强调政府不打算将身份证号码广泛公开。
以下内容为新加坡眼根据国会英文资料翻译整理:
杨莉明(新加坡数码发展与新闻部长)在国会上表示,总共有51个议会问题(PQs)针对国民登记身份证(NRIC)的政策及会计与企业管制局(ACRA)在Bizfile门户上披露NRIC号码的情况提出,她和财政部第二部长英兰妮女士分别发表部长声明,以回应这些问题。两人的声明将涵盖之前议程和未来会议上提出的相关问题。
核心要点:
2025年1月26日,杨莉明部长的此次声明主要回应了公众对NRIC政策的关切,特别是在会计与企业监管局(ACRA)Bizfile门户网站中披露NRIC号码的事件后,公众对政府可能改变NRIC号码披露政策的担忧。部长强调,政府并没有意图广泛披露NRIC号码,且现有的NRIC使用政策和数据保护规定不会发生根本改变。以下是部长声明的主要要点:
1. 对公众关切的回应
杨莉明部长首先对公众的关切表示理解,并强调Bizfile事件是一个不幸的事故。这一事件可能使公众误以为政府正在改变政策,允许大规模披露完整的NRIC号码。部长明确指出,政府并没有这个意图,NRIC号码依然被视为个人数据,只能在有必要的情况下收集和使用。对这一错误的发生,政府深感抱歉,并表示将采取措施确保类似事件不再发生。
2. NRIC号码的隐私与安全
部长强调,NRIC号码是个人身份的唯一标识符,虽然它并非完全保密(类似于名字),但它也不应被广泛披露。NRIC号码只能在某些特定情况下披露,例如:法律要求、雇主、诊所或在注册手机号码时等情况。长期以来,NRIC号码已被广泛使用,不仅仅是作为身份标识符,甚至有些组织错误地将其作为认证工具或密码,三观使用其部分数字(如后四位)作为安全手段,这给人以错误的安全感。杨莉明强调,这种使用方法不恰当,必须予以停止。
3. 对NRIC号码误用的回应
部长提到,虽然NRIC号码设计为身份标识符,但它不应被作为认证或密码使用。过去,某些组织会要求提供完整的NRIC号码来确认身份,甚至有些个人会将其作为密码使用,这种做法是不恰当的。特别是,随着网络算法的进步,部分NRIC号码(如最后四位数字)可以被轻易还原为完整号码,从而带来信息泄露的风险。
部长进一步指出,政府已经意识到这一问题,并决定采取行动,停止将NRIC号码作为认证工具或密码使用。政府将在公共部门开始实施这一变化,并计划将其推广到私营部门。通过这些措施,政府希望能够消除NRIC号码被滥用的风险,提升个人数据保护的水平。但现阶段仍可收集部分号码作为识别用途。未来计划与公众和私营部门展开广泛咨询,以更新指导原则。
4. Bizfile事件的反思
部长承认,由于不同政府部门间缺乏协调,ACRA在Bizfile门户网站的“人员查询”功能中错误地披露了完整的NRIC号码。这一失误并非政府意图的结果,部长强调,政府在推进去除NRIC号码屏蔽功能时,应当明确说明,在某些情况下,不是所有的NRIC号码都应该披露,尤其是完整的NRIC号码。此事发生后,政府决定更审慎地处理这些政策变化,确保此类错误不再发生。政府计划开展大规模公众教育,强调NRIC号码的安全性及正确用法;个体需立即更改使用NRIC号码作为密码的习惯,以避免身份盗用或其他风险。
5. 下一步的措施与时间表
部长强调政府对数据保护的重视,提到公共部门需遵循《公共部门(治理)法》(PSGA)及内规,数据保护标准不低于《个人资料保护法》(PDPA)。ACRA因未能协调好相关流程而泄露NRIC号码,政府对此进行严格审查并加强未来预防措施。部长透露,政府已经指示各公共机构停止将NRIC号码用作认证工具或密码,并逐步废除现有的NRIC号码屏蔽使用方式。这一转变预计将需要一定的时间,但政府决定在问题相对可控的情况下率先推动这一改革。
对于私营部门的改革,部长指出,政府并未立即启动相关工作,因为私营部门存在长期的惯例和实践,改变这些做法可能需要更长的时间。政府的初步计划是先从公共部门入手,积累经验后,再逐步引导私营部门进行改革。针对私营部门使用NRIC号码的现状,政府已经开始向相关企业提供指导,要求其停止将NRIC号码用作认证工具或默认密码。
6. 应对私营部门的建议
针对私营部门的情况,杨莉明部长提出了两个具体建议:一是私营部门应尽快停止使用NRIC号码作为身份认证或密码;二是对于仍在使用部分NRIC号码(如最后四位数字)作为识别工具的企业,可以继续使用这一做法,但未来将考虑根据公众意见更新相关规定。部长还提到,政府将开展与私营部门的广泛咨询,听取企业的意见,进一步完善相关政策。
7. 公众教育与数据保护
为了防止NRIC号码被错误使用,政府还将加强公众教育,帮助公众和企业了解NRIC号码的正确使用方式。部长特别强调,NRIC号码仍然是个人数据,企业在收集和使用NRIC号码时,必须履行保护责任,遵守法律规定,确保数据安全。此外,政府还将继续审查并强化数据保护措施,确保所有公共机构和企业都能遵循严格的数据保护标准。
8. 与私营企业的协作与计划
杨莉明部长还补充道,政府已经开始向私营部门提出相关要求,尽管这类改革可能需要更多时间才能完成。政府计划在未来与私营部门密切合作,帮助企业识别出现问题的领域,并提供指导,逐步过渡到更安全、更符合数据保护要求的做法。
9. NRIC号码与个人身份保护
在声明的最后,杨莉明部长提醒公众,要清楚认识到NRIC号码是个人身份的关键标识符,但它也并非完全保密的。公众应保持警惕,特别是在接到不明身份的电话或邮件时,不应轻易相信他们,因为这些人可能只知道公众的NRIC号码,而非其他身份信息。此外,公众应定期检查自己是否曾将NRIC号码用作密码,并及时更换这些密码,以确保个人信息安全。
10. 总结
政府非常重视NRIC号码的安全使用。尽管当前已有相关的数据保护法律和规定,但由于不当使用NRIC号码的现象仍然存在,政府决定采取进一步措施,以保障公众个人信息的安全。未来,政府将加强与公众和私营部门的合作,推动改革,并在此过程中确保个人信息得到应有的保护。
通过这一系列的改革措施,政府希望能够提高公众对NRIC号码使用的认知,避免其被误用或滥用。同时,政府也向社会各界传递了一个重要的信息,即数据安全和个人隐私保护将继续是政府的优先事项,公众和企业应共同努力,确保这一目标的实现。
以下是英文质询内容:
The Minister for Digital Development and Information (Mrs Josephine Teo): Mr Speaker, Members have filed a total of 51 Parliamentary Questions (PQs) on the National Registration Identity Card (NRIC) policy and the disclosure of NRIC numbers on the Accounting and Corporate Regulatory Authority's (ACRA's) Bizfile portal. Second Minister for Finance Ms Indranee Rajah and I will be making Ministerial Statements to address the issues raised. Our Statements will address Question Nos 1 to 37 for oral answer in yesterday’s Order Paper; Question Nos 3 to 8 and 39 to 44 for written answer in yesterday’s Order Paper; Question No 52 for oral answer in today’s Order Paper, and related questions that have been filed for subsequent Sittings.
Mr Speaker: Please go ahead.
Mrs Josephine Teo: Sir, let me start by acknowledging the concerns raised by the public over NRIC policy. The Bizfile incident is unfortunate.
Without intending to, it may have led the public to believe that the Government is changing its policy to allow full NRIC numbers to be exposed on a wide scale. This is not the case. We take the public's concerns very seriously and are very sorry that the mistake has caused them much anxiety.
I want to reassure the public that NRIC numbers remain personal data. NRIC numbers can only be collected when there is a need to do so. Organisations that collect NRIC numbers also have a duty of care. Subject to applicable law, they must notify and seek consent on use, and ensure protection of the data. These are existing guidelines that will not change.
However, there are also some incorrect uses of the NRIC number today. Our plan was to stop these incorrect uses while the problem is relatively contained. Doing so will better protect everyone and allow us to use NRIC numbers with confidence.
In this regard, my Statement today will address two issues: the current incorrect uses of NRIC numbers and why we need to change; and what our next steps will be.
Sir, when we interact with others daily, we are identified by our names. However, our names may not be unique. For organisations that deal with many people, say, a hospital with several patients named John Tan, they need a better way to uniquely identify them. Their NRIC number is a useful unique identifier in such situations. When the hospital needs to perform an operation or dispense medication, the doctor or nurse must make absolutely sure that it is the right John Tan they are dealing with and they should ask you, "What is your NRIC number?"
Since the NRIC number's purpose is to be a unique identifier, it cannot be a secret, just as our names are not secret. I should emphasise, however, that while your NRIC number is not a secret, it is not meant to be widely disclosed. This is the concern echoed in Mr Lim Biow Chuan's question.
We would only disclose our NRIC number under certain circumstances, for example, when required by law. Some examples include disclosing our NRIC number to our employers, at the clinic or when we subscribe to a mobile telephone line. Because we do have to disclose our NRIC number to others for such purposes, we must assume that at least some people know our NRIC number.
Over time, however, NRIC numbers have become increasingly used as more than an identifier. Previously, organisations would require seeing my physical NRIC card to confirm that I am who I claimed to be. However, some organisations assume that if someone can cite my NRIC number, that person must be me! This is clearly wrong.
On the assumption that this person is indeed me, some organisations may go further to give the person access to privileged information or services. When used this way, my NRIC number is no longer just an ID, or identifier, but a key to unlock more information or services. In such situations, the NRIC number is being accepted as an authenticator, or proof of who a person claims to be. This is clearly inappropriate.
Instead of the full NRIC number, some organisations collect and use a partial NRIC number, usually the last four characters of the NRIC number. They think that this is safe and that revealing only the last four characters still keeps the full NRIC number secret. Among public agencies, even when the agencies had the full NRIC numbers, the use of masked NRIC numbers became more common.
Besides organisations, some individuals also started to use their NRIC numbers as their passwords. They did so under the impression that the full NRIC number is secret.
However, as shown by Dr Tan Wu Meng in his question, there are now algorithms that can be found online, that have made it easier to work out the full NRIC number from the partial or masked NRIC number. The easy availability of such algorithms means that the continued use of partial or masked NRIC numbers gives both organisations and individuals a false sense of security. This does not really keep the full NRIC number secret. This also makes the practice of using NRIC numbers as passwords even more inappropriate.
To the questions by Dr Tan, Mr Liang Eng Hwa and Ms Sylvia Lim, these developments led the Government to take steps to stop the incorrect uses of the NRIC number. This meant two things: one, not using the NRIC number as an authenticator; and two, moving away from the use of masked NRIC numbers, because it creates a false sense of security.
We knew this transition would take time. But it was better to start while the problem is relatively contained and for the Government to take the lead.
To the question by Ms Joan Pereira, we proceeded to ask agencies to stop using the NRIC number as an authenticator or as a password. We also asked agencies not to plan new uses, with a view to discontinuing existing uses of masked NRIC numbers eventually.
The lapse in coordination between agencies led to ACRA's misunderstanding and the disclosure of full NRIC numbers in the People Search function of its new Bizfile portal.
In hindsight, what we should have made clear was that moving away from the use of masked NRIC numbers did not mean automatically using the full NRIC number instead, in every case. At no point was our intention to disclose full NRIC numbers on a wide scale.
In place of masked NRIC numbers, in some instances, there would be no need for the NRIC number at all. In other instances, names alone or some other identifier would be sufficient. But there could also be instances where full NRIC numbers should be used, instead of masked NRIC numbers. Each case would have to be assessed and decided individually.
Members including Mr Leong Mun Wai, Mr Liang Eng Hwa, Mr Xie Yao Quan, Ms Jessica Tan, Mr Dennis Tan and Mr Pritam Singh have asked about the internal processes leading to ACRA's actions. Minister Indranee will say more about it in her Statement later and address Members' questions related to ACRA.
Miss Cheryl Chan asked why the efforts to change did not include the private sector. The Government knew that it would take time for public agencies to make the change. We expected that it would take even longer for the private sector because of long-standing practices and habits. The plan was therefore to change the internal practices of Government before moving to change practices in the private sector and non-profit organisations, which Ms Usha Chandradas asked about. We believed that doing so would allow us to better understand the implementation challenges and, as a result, facilitate a smoother transition in the private sector.
We had also planned to mount a major effort to help Singaporeans be aware of the risks and to support efforts to stop incorrect practices. The Bizfile incident was an unfortunate misstep which now means these plans need to be brought forward.
While we had taken steps to stop the incorrect uses of NRIC numbers in the public sector, we had not started implementation for the private sector. Mr Edward Chia, Mr Liang Eng Hwa, Ms Hazel Poa and Mr Xie Yao Quan have asked specifically what should be done in the private sector.
At this stage, we would advise private sector organisations to do two things: first, private sector organisations that are using NRIC numbers as a factor of authentication or as default passwords should stop this practice as soon as possible; and second, private sector organisations that presently collect partial NRIC numbers to identify people can continue to do so. The guidelines for the private sector have not yet changed and we will only consider how they should be updated after consulting the public.
To questions by Mr Xie Yao Quan, Mr Melvin Yong and Mr Sharael Taha, we aim to start consultations soon and will provide details when ready. Our initial soundings with the private sector suggest there can be different approaches. Some organisations currently using partial NRIC numbers can stop the practice and replace them with alternative means of identification such as mobile numbers or email addresses or drop them entirely. But there are also organisations that need to accurately identify persons and can justify the collection of full NRIC numbers even if they are not required by law. For example, preschool centres will prefer to collect the full NRIC numbers of visitors rather than just the mobile numbers; the parents will certainly feel more secure. In applications for and disbursements of substantial financial aid, persons would also need to be accurately identified.
We will take these considerations on board when updating the guidelines. In any case, I would like to assure Members like Ms Jean See and Mr Ong Hua Han that the Personal Data Protection Commission will support businesses in changing their authentication methods. This will include raising their awareness on why the use of NRIC numbers as a factor of authentication is unsafe and working through the Infocomm Media Development Authority and the Cyber Security Agency's programmes to help businesses review and adjust their practices.
To questions by Ms Tin Pei Ling, Mr Zhulkarnain Abdul Rahim and Assoc Prof Jamus Lim, I should emphasise that NRIC numbers are personal data. This means that organisations collecting and using NRIC numbers must continue to exercise a duty of care. Subject to applicable law, they must notify and seek consent on use, and also ensure the data is sufficiently protected. Certainly, they should not disclose the NRIC numbers unless there is good reason to do so.
Members may also ask, if the NRIC number is not suitable as an authenticator, what about the physical NRIC card, our pink identity card? If we look at our physical NRIC card, we will see that it contains other identifying information, such as our photo and fingerprint. It allows others to check that the information on the card matches me, the person holding the card. In addition, the physical NRIC card is not easily faked. The physical NRIC card is, therefore, suitable as an authenticator, or proof of who I claim to be. But someone providing my NRIC number and claiming to be me, does not have these additional factors of proof.
Organisations must know that the physical NRIC card and NRIC number are different. The physical NRIC card can be an authenticator, but the NRIC number should not be used as an authenticator. Organisations should, therefore, not accept my NRIC number alone as proof that the person citing it is indeed me.
Besides organisations, individuals, too, have questions about what they should do. There are also two things. The first is to clarify their understanding of the NRIC number. Members like Ms Sylvia Lim asked about this.
We have said that our NRIC number is like our name. Even if it is not widely disclosed, it is not secret. In our daily lives, if someone we do not recognise calls out our name and starts to behave as though they know us well, we would be slightly suspicious. We might be polite but not too friendly. Certainly, we should not fully trust this person, just because they know our name.
This should also be how we treat anyone who tells us our NRIC number. We should not automatically assume that they know us well or are figures of authority or can be trusted. We should be cautious about revealing more about ourselves, or saying yes to their requests or following their instructions without checking further.
The second thing we can do as individuals is to review our passwords. If we have used our NRIC number as a password to access any information or service, we have mistakenly used it as an authenticator and should change the password immediately. Doing so will give us better protection against people who use our NRIC number to get access to information or services. It will also complement efforts by organisations to stop using the NRIC number as a factor of authentication.
To Ms Hany Soh's question, NRIC-related scams are not new. Most NRIC-related scams involve victims who think they are speaking to figures of authority and end up taking actions that harmed themselves, such as transferring money without further checks. Very few cases have involved scammers directly using NRIC numbers to unlock access to valuables.
Several Members have also asked how to mitigate the risks when NRIC numbers are disclosed. They include Mr Zhulkarnain Abdul Rahim, Mr Edward Chia, Mr Christopher de Souza, Mr Ong Hua Han, Mr Liang Eng Hwa, Ms Jessica Tan, Mr Louis Chua, Miss Cheryl Chan, Mr Sharael Taha and Mr Yip Hon Weng.
As I have explained, the risks arise from the incorrect use of the NRIC numbers. If individuals stop using NRIC numbers as passwords and organisations stop using NRIC numbers as authenticators, this will go a long way to preventing harms from scams and identity theft. They will give us all better peace of mind to use the NRIC number whenever it is necessary, such as to get medical treatment or apply for jobs.
Sir, the Government appreciates that the incorrect uses of the NRIC number may not be well understood. Our public education efforts will raise awareness among organisations and individuals, and to guide them on what they should do. In doing so, we will focus on the points I highlighted above.
Mr Gerald Giam asked about alternatives to the current NRIC number system. In fact, the risks do not arise directly from the structure of the NRIC number. Rather, the risks arise when the NRIC number, which is meant to be a unique identifier, is incorrectly used as an authenticator or a password. Even if we were to create an alternative identifier, we would still have a problem if organisations used it as an authenticator and individuals used it as a password.
Sir, let me turn now to questions about ACRA's exemption from Personal Data Protection Act (PDPA) requirements and the Government's data protection measures. These were raised by Ms Tin Pei Ling, Ms Sylvia Lim, Mr Saktiandi Supaat and Mr Patrick Tay.
The Government has always taken seriously its responsibility to protect the data entrusted to the public sector. The Government's personal data protection standards are set collectively by the Public Sector (Governance) Act, or PSGA, and our own internal rules.
The PSGA is aligned with the PDPA and adapted to the Public Service context. Our internal rules are comprehensive and take reference from international and industry standards. We also continually strengthen our data governance practices.
ACRA is expected to comply with these rules and the PSGA, which are no less stringent than PDPA requirements. Regular, mandatory audits are conducted to ensure that public agencies, including ACRA, comply with the standards for data protection and the security of information and communications technology systems. The number of data incidents and their severity is published annually.
In the most recent whole-of-Government audit exercise on information technology-related data security controls, there were very few significant findings and all of them had been remediated by the agencies concerned. There has also been a reduction in data incidents of medium severity and above. Where necessary, we have also taken public servants to task, for example, in serious cases involving unauthorised disclosure or improper use of information.
Members can be reassured that we take these rules and controls very seriously. We will continue to regularly review the safeguards to ensure that they remain relevant.
Sir, let me conclude. We understand the public's concerns about NRIC numbers. It was not our intention to make the full NRIC number widely disclosed and we are not heading in that direction.
NRIC numbers are personal data and can be collected and used only when there is a need to. Organisations that hold your NRIC number also have a duty of care. Subject to law, they must notify and seek consent on use, and ensure protections. These are existing guidelines that will not change.
What needs to change are the incorrect uses of the NRIC number. These include using NRIC numbers for authentication or as passwords. It is better to make these changes while the problem is relatively contained. Organisations and individuals can both help by taking steps to stop using NRIC numbers as authenticators or passwords.
By taking action as soon as possible, we can increase protection for all of us. This will allow us to more confidently use the full NRIC number as a unique identifier whenever we need to do so. Mr Speaker, please allow me to summarise a few key points in Mandarin, please.
(In Mandarin): [Please refer to Vernacular Speech.] Mr Speaker, the Government understands the public's concerns about the correct use of NRIC numbers. I would like to reiterate here that it is not our intention for the full NRIC numbers to become widely disclosed information.
NRIC numbers are personal data, and they can only be used and disclosed when there is a need to do so.
Unless indicated by law, organisations that wish to collect and hold your NRIC number must first notify and seek consent on its use, and ensure that it receives adequate protection. These existing guidelines will not change.
However, what needs to change are some incorrect uses of the NRIC number. For example, we should not use NRIC numbers for authentication or as passwords.
It is better to make these changes and rectify the problem while it is still relatively contained. Both organisations and individuals can do their part to stop using NRIC numbers as authenticators or passwords.
By taking action as soon as possible, we can increase protection for all of us. This will allow us to more confidently use the NRIC number as a unique identifier, whenever we need to do so.
(In English): Mr Speaker, with your permission, I will respond to any clarifications which Members may have, after Minister Indranee Rajah has also made her Statement.
12.57 pm
Mr Speaker: The Second Minister for Finance will indeed also be making a related Ministerial Statement. I will allow Members to raise points of clarifications on both Statements after Minister Indranee's Statement. Second Minister for Finance.
CF丨翻译
HQ丨编审
国会丨来源
国会丨图源
免责声明:
1.凡本公众号注明文章类型为“原创”的所有作品,版权属于看南洋和新加坡眼所有。其他媒体、网站或个人转载使用时必须注明:“文章来源:新加坡眼”。
2.凡本公众号注明文章类型为“转载”、“编译”的所有作品,均转载或编译自其他媒体,目的在于传递更多有价值资讯,并不代表本公众号赞同其观点和对其真实性负责。
视频直播
新加坡眼旗下视频号你关注了吗?
点击下面视频,查看更丰富的内容!
上新加坡眼官网搜索更多关于新加坡的资讯
