SmartLaw sticker final

Errant Vehicle Dealers

Written on .

  • Volks Auto, Exodus Global, TLC Cars Singapore, Royal Automotive, and now Manhattan Motors. In the past few years, there have been a trend of various car dealers winding up suddenly, leaving consumers and financing companies in the lurch.
  • The car dealer purchases the vehicle from a source, sometimes with the funds for the purchase funded by a financing company. The car dealer, having physical possession of the vehicle, proceeds to sell the vehicle to an unwitting consumer and collects a deposit or even full cash payment for the vehicle.
  • However, the cash payment is not forwarded to the finance company. Furthermore, the title of the vehicle remains with the car dealer or finance company. Even after the consumer gains physical possession of the car, the ownership is not transferred to the consumer.
  • Eventually, when the car dealer winds up, consumers are left in the lurch as they have paid money for a vehicle they technically do not own.

Potential Implications

  • Under the Road Traffic (Motor Vehicles, Registration and Licensing) Rules, the owner of the vehicle or transferee or must, within 7 days after the transfer of possession of the vehicle make an application for the transfer to the LTA. If this is not performed, both the owner of the vehicle and the transferee will be guilty of an offence.

  • Furthermore, certain insurance policies contain a clause indicating that the insurance cover is conditional upon the transferee having the vehicle registered under them. In the event that an accident occurs, consumers may run the risk of having the insurance company deny the consumer’s claim.

  • Further, it is possible the registered owner of the Vehicle that had paid good money for the Vehicle may also exercise their right of possession over the Vehicle

How to Protect Yourself

  • Reduce your financial risk exposure of a default by negotiating a smaller deposit.

  • Always ensure that proper records of payments made for a vehicle are kept, and always issue funds via an ascertainable method (bank transfer with remarks, crossed cheque payable to the company with corresponding bank transaction records) instead of an untraceable method such as cash, or a cash cheque.

  • Upon the transfer of the title of a vehicle, LTA will forward the transferee a letter confirming that the vehicle has been transferred. As such, consumers must be vigilant, and ensure that they receive confirmation from LTA that they are the rightful owners of the vehicle.

  • Another method will be to login to the LTA website with your Singpass and perform an asset check to ensure that the Vehicle is registered under your name.

Our lawyers are experienced in vehicle title / financing disputes, and are well-equipped to advise you on such matters. Please feel free to contact our firm should you wish to find out more.

Personal Data Protection Act (“PDPA”)

Written on .

Whether we like it or not, the topic of personal data is ironically not so personal anymore. In recent years, personal data has taken centre stage not only in Singapore, but across many developed nations. Whether you are an individual registering for a lucky draw, or an insurance company preparing to send out monthly statements to clients, personal data affects us all in ways we never expected.

So why has there been this “sudden” spotlight on personal data protection? It may not actually be as sudden as most people believe it to be. Singapore’s Personal Data Protection Act (“PDPA”) was first enacted in 2013, and it was only from 2 July 2014 that the PDPA came into force. Therefore, the Act has already been in force for more than 3 years, yet many individuals and organisations remain oblivious of its existence. However, ignorance is NOT bliss in this case, and enforcement by the Personal Data Protection Commission (“PDPC”) has picked up pace in the past year. One of the most severe penalties to-date is a fine of S$50,000 imposed on karaoke chain K Box Singapore, after the personal data of over 300,000 customers were posted online.

But what does the PDPA do? Essentially, it prohibits the indiscriminate collection of consumer’s personal data, and requires organisations to be accountable for the use of such data. The consequences of non-compliance the PDPA is not to be taken lightly - organisations that fail to observe the provisions of the PDPA may be fined up to S$1 million. Most times, a simple complaint by a disgruntled individual can bring some serious damage to a non-compliant organisation, and it is not just financial damage that is at stake.

A case in point is Toh-Shi Printing, which was a printing company hired by Aviva Insurance. Toh-Shi Printing had inadvertently caused the personal data of 8,022 individuals to be leaked when Aviva policyholders received inaccurate statements in which their personal data was disclosed. The PDPC fined the company S$25,000 for failing to implement adequate checks in processing personal data. The printing firm then admitted that the breach occurred due to its own staff failing to comply with the company’s security procedures. However, the repercussions did not just end with the fine – Toh-Shi Printing is now no longer in business as it could not sustain a profitable business in the aftermath of their damaged reputation.

Under the PDPA, it is mandatory for an organisation to appoint a Data Protection Officer (“DPO”) to act as a point-of-contact with the PDPC. The DPO need not be a distinct and separate role within the organisation, and a current employee can assume this role as well. It is prudent that organisations take this first step in their personal data protection journey by appointing a DPO.

The PDPA is only going to get stronger. There is currently an ongoing public consultation till 18 December 2017 to receive public feedback on the PDPA, and so far, NRIC numbers have taken the hot seat with many proposing that it be unlawful for mall operators and retailers to collect and use shoppers’ NRIC numbers to track parking redemptions, conduct lucky draws or manage membership accounts. Building owners may also be barred from retaining NRICs in exchange for visitor badges. These are likely to be enacted in stone in a matter of time. Presently, it is worth playing safe and collect NRIC details only where the law requires it, such as subscribing to a mobile phone line, or during emergencies.

If you are a private organisation, it is essential to have a system in place to not only protect personal data, but to have a proper response in the event of a breach. It is certainly not the case that the PDPC penalises organisations for each and every complaint received, and a proper reaction to alleviate the breach may get you by with just a warning from the PDPC. Therefore, it is vital that you create a system that is able to both prevent and cure any data breaches.

Our lawyers are trained by data protection specialists, and we are well-equipped to advise you on whether you have in place an appropriate data protection system that is both preventive against and reactive to data breaches. Please feel free to contact our firm should you wish to find out more.

More Articles ...

  • 1
  • 2