Companies who request for their customer's private information may in turn distribute these confidential particulars to others. As such, cases of fraud and identity theft have surfaced, with fraudsters using these distributed identities to apply for loans or credit cards. Unlike other countries, no privacy law to safeguard an individual's data against unauthorized commercial use has been put in place. As a result, fraudsters are able to ride on this loophole. Ethical Question: Is it right for companies to request for their customer's private information for certain reasons? Is it even fair that they distribute these information to third parties, perhaps as a way to make money? Problem: I think the main problem is that there isn't a law in Singapore that safeguards an individual's data against unauthorized commercial use. Even though the Model Data Protection Code scheme tries to do the above, it is after all, still a voluntary scheme. Companies can opt to adopt the scheme, but whether they choose to apply it regularly, is another issue. As long as a privacy law is not in place, this issue will continue to recur in Singapore.