Legal Identity

Singapore has a mandatory National Registration Identity Card (NRIC) for all citizens and permanent residents in the country. Citizens must apply for the NRIC when they reach the age of 15.^[1] The National Registration Act (1965) governs the NRIC system. The NRIC can be used as proof of legal identity and citizenship or permanent residency for people living in Singapore.^[2] However, it is not in itself a proof of citizenship as permanent residents who are non-citizens can also acquire it.^[3]

In Singapore, birth registration is a foundational identity for a child. According to the Registration of Births and Deaths Act (2021),^[4] all births, regardless of the parents’ immigration status in Singapore, must be registered within 42 days of childbirth. The failure to register a child’s birth within the stipulated time can result in a fine and/or imprisonment.^[5] Birth registration constitutes legal identity in Singapore. It includes details such as name, date of birth, and parents’ names. It is issued to every child born in the country or to those who are registered with Singapore authorities overseas.^[6] A birth certificate does not grant citizenship but is one of the supporting documents for proof of citizenship.^[7] Citizenship is formally established by a Singapore Citizenship Certificate, which is issued by the Immigration and Checkpoints Authority.^[8]

Foreigners living in Singapore, who are not permanent residents, are given a Foreigners Identification Number (FIN) by the Immigration and Checkpoints Authority. The FIN is issued to foreigners residing in Singapore with long-term passes (such as Employment Pass or Student Pass). The FIN serves as their legal identity document for the duration of their stay in the country.^[9] The FIN is reportedly also issued to stateless persons living in Singapore.^[10] Legal identity is therefore well-established for citizens and permanent residents through the NRIC and foreigners and unregistered persons through the FIN systems.

Digital ID Overview

Singapore has a National Digital Identity (NDI) system which is part of its legal identity framework, commonly known as Singpass, developed as part of the country’s Smart Nation initiative.^[11] The minimum age requirement to enrol for Singpass is 15 years.^[12] To be eligible for Singpass, citizens and permanent citizens must use their NRIC, while foreigners must use their FIN.^[13] As a result, only individuals with an NRIC or FIN can register for Singpass, excluding those without formal citizenship or residency status. There is no official source confirming that stateless persons can apply for Singpass.

The Singpass is a functional ID that allows access to a wide range of government and private sector services.^[14] Approximately 97% of the population use the Singpass to access more than 2,000 public and private sector services online, such as financial services, healthcare, education, business services, and transportation.^[15] Although Singpass is not legally mandatory, it is required to access many government e-services as part of the Smart Nation initiative.^[16]

As of December 2023, there are approximately 853 stateless persons residing in Singapore.^[17] Stateless persons are eligible for a Special Pass card, which legalises their stay in the country.^[18] Approximately 204 stateless persons in Singapore hold the Special Pass, and the Ministry for Manpower, in October 2024, stated that stateless persons who are issued the Special Pass do not have Singpass accounts.^[19] Approximately 76% of the stateless population in Singapore have PR status and therefore, in theory, have access to Singpass.^[20] However, there is no information available to verify the extent to which stateless individuals with permanent residence have registered for Singpass or have access to register for the digital ID.

The framework for Singapore’s digital ID system has been primarily formulated and implemented by government agencies, with significant technical input from private sector partners. The Singapore Government Technology Agency (GovTech) led the design, development, and roll-out of the NDI, including Singpass and associated platforms such as MyInfo.^[21] The implementation of the digital ID system involved partnerships with private technology companies for developing technical components.^[22] While there was outreach and education initiatives, the primary mode of public involvement was through feedback and user-testing phases.^[23] There is no evidence of large-scale formal public consultations prior to the launch of the digital ID system or during major architectural decision-making.

Government programmes focused on on-boarding seniors and those less digitally literate, providing in-person service points and digital literacy training to facilitate adoption, but there is limited evidence of targeted engagement with other marginalized or isolated communities (such as stateless persons or minorities) in the initial design phase. There is no public evidence that the digital ID programme’s formulation involved panels or direct consultation with experts in racial discrimination, social exclusion, or similar human rights or civil society organisations. Most academic and NGO analyses point to a government focus on technical excellence, economic impact, and convenience, rather than on political or social dimensions of exclusion at the design stage.^[24] The legal framework governing Singpass and the NDI system is not established through a single statute but operates under broader data governance and ICT laws.

Law

Domestic Law and Policy

To date, there is no specific legislation for Singpass and Singapore’s National Digital Identity (NDI) system. Instead, the system functions within an existing legislative framework governed by the following laws^[25] – The Public Sector (Governance) Act (2018), which covers, among other areas, the management of data by government agencies, including personal data protection and data sharing^[26]; The Personal Data Protection Act (2012) (PDPA) which provides a baseline standard for protection of personal data by the private sector in Singapore^[27]; The National Registration Act (1965), underpins Singapore’s foundational ID system, on which the digital identity system is built^[28]; and The Electronic Transactions Act, which establishes and regulates trustworthy digital certification services in Singapore.^[29]

There is no specific definition of digital identity within Singapore’s domestic laws. However, Singpass‘s ‘Terms of Use’ describes it as ‘the electronic identification, authentication, or authorisation service of the Government of Singapore known as ‘Singpass’ through such Devices, websites, channels or platforms, as may be designated by us from time to time.’^[30]

Singpass is linked with foundational identity systems such as the NRIC or FIN that prove citizenship or residency status. The digital identity by itself is not a proof of citizenship, rather a proof of residency status in the country.^[31] When applying for citizenship, Singpass is required in order to access and complete the application processes.^[32]

Individuals whose digital ID data is misused, lost, or mishandled can file complaints with the Personal Data Protection Commission (PDPC), which investigates, enforces penalties, and can order rectification.^[33] Individuals can also submit complaints to GovTech or the Immigration and Checkpoints Authority, both of which have formal feedback and escalation channels.^[34] Data breaches, identity theft, or disputes relating to transactions via Singpass are subject to investigation and enforcement under both PDPA and relevant criminal legislation.^[35] It is important to note that PDPA does not ordinarily apply to “public agencies” when they collect personal data to carry out public functions.^[36] Since Singpass is operated by the government, much of the personal data processed via Singpass is handled by public agencies in their official capacity; therefore, a significant volume of data-processing activities tend to be outside the PDPA’s regulatory remit.^[37]

Data Protection

Singapore’s data protection framework is one of the most established in the region. It is built on a model that draws a clear distinction between private sector and public sector obligations. The key data protection law in Singapore is the PDPA: it provides a baseline standard of protection for personal data in Singapore. It complements sector-specific legislative and regulatory frameworks such as those related to banking and insurance. It comprises various requirements governing the collection, use, disclosure and care of personal data.^[38]

The PDPA does not expressly address the NDI. The Singpass Terms of Use, however, refer to the PDPA and specify that “personal data” carries the same meaning as in the PDPA.^[39] Accordingly, data protection in the use of Singpass is regulated by the Singpass Privacy Statement, interpreted alongside the Terms of Use, and is ultimately subject to the overarching framework of the PDPA.^[40]

The PDPA’s provisions also extends to biometric data. According to the Singapore government’s FAQs about Singpass, the application collects biometric data and any data retained is encrypted in storage and protected with tamper-evident logging. The government also deletes data that is no longer required; however, no specified timeframe is stipulated regarding when data should be removed.^[41] The collected biometric data is encrypted and generally, Singpass requires authentication for access to any service. As the authentication is backed by encryption technologies and security safeguards,^[42] the government does have access to this data.^[43] Singpass authentication uses biometric facial verification through the MyInfo platform and app-based features, but there is limited publicly available information on data retention, access, and sharing between agencies. The data that the government has access to includes biometrics, personal data, information on devices and may extend to other information that is collected from the individual in using their Singpass and Singpass materials.^[44] As per information available, when a service (government or private) seeks to retrieve data via MyInfo, the user must authenticate access (via Singpass) and explicitly consent to that data sharing.^[45]

There is no evidence of direct violations of rights around privacy or surveillance in connection with the use of data obtained through Singpass and Singapore’s NDI system on stateless persons, refugees, or migrant populations. However, there has been criticism of Singapore’s ubiquitous technology-fuelled surveillance of its residents.^[46] While Singapore maintains a comprehensive private-sector data protection law, the lack of independent oversight for government-held digital identity data presents challenges for accountability and rights protection.

International Commitments

Singapore has not ratified the ICCPR, ICESCR, the 1954 and 1961 Statelessness Conventions, nor the Refugee Convention. However, the country has acceded to CEDAW, CRC and UNCRPD.^[47] In particular, the Committee on the Rights of the Child has elaborated the rights of children in digital environments. General Comment No. 25 by the Committee advocates for the creation of digital systems that enable all children to safely access essential digital public services and educational services without discrimination.^[48] There is risk that stateless children in Singapore may face exclusion from public services and education due to the lack of access to Singpass. This raises concerns regarding the full realization of obligations under CRC along with the principle of non-discrimination, under Article 7 of the UDHR.^[49] Furthermore, since Singapore is not a party to the GDPR, it is not privy to other binding international commitments with respect to digital ID systems.

The ASEAN Framework on Personal Data Protection and Framework on Digital Data Governance sets out non-binding principles encouraging member states to adopt national data protection laws and supports mutual recognition. However, it does not impose binding commitments or specific mandates on digital ID systems or make provisions for the protection of stateless persons.^[50]

Designed to Include?

The Impact of Digital ID and Legal Identity on Citizenship and Nationality Rights

Singapore’s digital ID system enhances access and digital inclusion for those who already have legal status in the country, but does not directly address the situations of stateless persons. The Singpass is not formal proof of citizenship. It is issued to citizens, permanent residents and certain foreigners with legal identity documents. There is limited information on whether stateless persons with permanent resident in Singapore are able to access Singpass and, by extension, various government and private services linked through it.^[51] Singapore offers digital inclusion programmes, workshops, subsidies and support such as the Silver Infocomm Initiative and Seniors Go Digital for persons with disabilities, senior citizens and low-income households.^[52] However, there are no specific legal or policy frameworks providing access to a digital ID for stateless persons. Assistance for stateless people typically depends on ad-hoc legal relief as opposed to systemic mechanisms for inclusion. Moreover, there are currently no significant judicial precedents involving stateless individuals and their right to access digital ID. Policy, legal and design reforms could help to ensure that stateless persons are able to access digital IDs and services linked to them.

References

1.^

‘ICA | Register Identity Card for 15-Year-Olds’ (Immigration and Checkpoints Authority) <https://www.ica.gov.sg/documents/ic/registration> accessed 9 October 2025.

2.^

World Bank, National Digital Identity and Government Data Sharing in Singapore (Washington, DC 2022) <https://hdl.handle.net/10986/38201> accessed 9 October 2025.

3.^

World Bank (n 2).

4.^

‘ICA | Register Birth and Download Digital Birth Certificate’ (ICA) <https://www.ica.gov.sg/documents/birth/birth_registration> accessed 9 October 2025; ‘Registration of Births and Deaths Act 2021 - Singapore Statutes Online’ <https://sso.agc.gov.sg/Act/RBDA2021?ProvIds=P13-> accessed 9 October 2025.

5.^

‘Registration of Births and Deaths Act 2021 - Singapore Statutes Online’ <https://sso.agc.gov.sg/Act/RBDA2021?ProvIds=P13-> accessed 9 October 2025.

6.^

‘ICA | Register Birth and Download Digital Birth Certificate’ (n 3).

7.^

‘ICA | Confirmation of Singapore Citizenship Status’ (ICA) <https://www.ica.gov.sg/reside/citizenship/confirmation> accessed 9 October 2025.

8.^

‘ICA | Confirmation of Singapore Citizenship Status’ (n 6).

9.^

World Bank (n 2).

10.^

‘New M FIN Series To Be Introduced From 1 January 2022’ (ICA) <https://www.ica.gov.sg/news-and-publications/newsroom/media-release/new-m-fin-series-to-be-introduced-from-1-january-2022> accessed 12 October 2025.

11.^

World Bank (n 2).

12.^

‘Singpass Registration Guide’ <https://portal.singpass.gov.sg/home/ui/assets/pdf/Singpass_Registration_Guide.pdf>; ‘SINGPASS | Who Is Eligible for Singpass?’ (4 April 2024) <https://ask.gov.sg/singpass/questions/clul28lp4002t3b8g3hnggivy> accessed 16 October 2025.

13.^

ibid; ‘SINGPASS | Who Is Eligible for Singpass?’ (n 11).

14.^

World Bank (n 2).

15.^

ibid.

16.^

‘Singpass’ (Government Technology Agency of Singapore (GovTech Singapore)) <https://www.tech.gov.sg/products-and-services/for-citizens/digital-services/singpass/> accessed 17 October 2025; ‘Singpass Singapore’s National Digital Identity (Factsheet)’ (Ministry of Digital Development and Information) <https://www.mddi.gov.sg/newsroom/singpass-factsheet-02032022/> accessed 17 October 2025; World Bank (n 2).

17.^

‘Written Reply to Parliamentary Question on Number of Stateless Residents Who Have Lived in Singapore for Over 20 Years’ (Ministry of Home Affairs)

18.^

‘ICA | Special Pass Card/e-Special Pass’ (ICA) <https://www.ica.gov.sg/public-education/special-pass> accessed 12 October 2025.

19.^

‘Accessibility of E-Services Portal for Workers on Special Pass Who Cannot Hold a Singpass Account’ (Singapore Parliament) <https://sprs.parl.gov.sg/search/#/sprs3topic?reportid=written-answer-17990> accessed 13 October 2025.

20.^

‘Stateless Unemployed Youth Who Has Never Gone to School Lands Job Offer’ The Straits Times (Singapore, 27 October 2024) <https://www.straitstimes.com/singapore/stateless-unemployed-youth-who-has-never-gone-to-school-lands-job-offer> accessed 13 October 2025.

21.^

World Bank (n 2).

22.^

‘Face the Challenge: Singapore’s Solution to Digital ID Verification - Global Government Forum’ <https://www.globalgovernmentforum.com/events/joining-up-digital-delivery/> accessed 13 October 2025.

23.^

National Digital Identity (Singapore) (n 23).

24.^

Reza Shaker, ‘From Policy to Platforms: Analysing Public Engagement with Singapore’s Smart Nation Initiative through Social Media Discourse’ (2025) 5 Urban Governance 142.

25.^

World Bank (n 2).

26.^

‘Public Sector (Governance) Act 2018 - Singapore Statutes Online’ <https://sso.agc.gov.sg/act/psga2018> accessed 13 October 2025.

27.^

‘Personal Data Protection Act 2012 - Singapore Statutes Online’ <https://sso.agc.gov.sg/Act/PDPA2012> accessed 13 October 2025.

28.^

‘National Registration Act 1965 - Singapore Statutes Online’ <https://sso.agc.gov.sg/Act/NRA1965> accessed 13 October 2025.

29.^

‘Electronic Transactions Act 2010 - Singapore Statutes Online’ <https://sso.agc.gov.sg/Act/ETA2010> accessed 13 October 2025.

30.^

‘Singpass - Terms of Use’ <https://portal.singpass.gov.sg/home/ui/terms-of-use> accessed 13 October 2025.

31.^

World Bank (n 2).

32.^

‘ICA | Becoming a Singapore Citizen’ (ICA) <https://www.ica.gov.sg/reside/citizenship/apply> accessed 17 October 2025.

33.^

‘PDPC | About Us’ <https://www.pdpc.gov.sg/who-we-are/about-us> accessed 13 October 2025.

34.^

‘ICA | E-Services and Forms’ (ICA) <https://www.ica.gov.sg/eservicesandforms> accessed 13 October 2025; ‘Contact Us’ (Government Technology Agency of Singapore (GovTech Singapore)) <https://www.tech.gov.sg/contact-us/> accessed 13 October 2025.

35.^

‘Personal Data Protection Act 2012 - Singapore Statutes Online’ (n 29).

36.^

‘PDPC | PDPA Overview’ <https://www.pdpc.gov.sg/overview-of-pdpa/the-legislation/personal-data-protection-act> accessed 9 December 2025.

37.^

ibid.

38.^

‘PDPC | PDPA Overview’ <https://www.pdpc.gov.sg/overview-of-pdpa/the-legislation/personal-data-protection-act> accessed 13 October 2025.

39.^

‘Singpass - Terms of Use’ (n 32). Under the PDPA, “‘personal data’ means data, whether true or not, about an individual who can be identified —
(a) from that data; or
(b) from that data and other information to which the organisation has or is likely to have access”.

40.^

‘Singpass - Privacy Statement’ <https://portal.singpass.gov.sg/home/ui/privacy-statement> accessed 13 October 2025.

41.^

‘SINGPASS | Does Singpass Collect Biometric Data during the Use of Singpass Face Verification?’ (15 April 2024) <https://ask.gov.sg/singpass/questions/clul335ej004h3b8g9hx52txa> accessed 13 October 2025.

42.^

‘Singpass - Principles’ <https://www.singpass.gov.sg/main/principles/> accessed 13 October 2025.

43.^

‘Singpass - Privacy Statement’ (n 40).

44.^

ibid.

45.^

‘API Specifications | Legacy Myinfo v3/v4 | Singpass Developer Docs’ (19 March 2025) <https://docs.developer.singpass.gov.sg/docs/legacy-myinfo/technical-specifications/myinfo-v3/api-specifications> accessed 9 December 2025.

46.^

Peter Guest, ‘Singapore’s Tech-Utopia Dream Is Turning into a Surveillance State Nightmare’ (Rest of World, 16 November 2021) <https://restofworld.org/2021/singapores-tech-utopia-dream-is-turning-into-a-surveillance-state-nightmare/> accessed 13 October 2025; Dev Account, ‘Singapore’s “Smart City” Initiative: One Step Further in the Surveillance, Regulation and Disciplining of Those at the Margins’ (Center for Human Rights and Global Justice, 18 March 2022) <http://chrgj.org/2022-03-18-singapore-smart-city-initiative/> accessed 13 October 2025; ‘Singapore’s Surveillance Experiments on Low-Wage Migrant Worker Dormitories: Implications for Singapore and Other Nations’ (Social Science Research Council (SSRC)) <https://www.ssrc.org/grantees/singapores-surveillance-experiments-on-low-wage-migrant-worker-dormitories-implications-for-singapore-and-other-nations/> accessed 13 October 2025.

47.^

‘Singapore - Statelessness Encyclopedia Asia Pacific - SEAP’ <https://seap.nationalityforall.org/region/regional-overview/southeast-asia/singapore/> accessed 17 October 2025.

48.^

‘General Comment No. 25 (2021) on Children’s Rights in Relation to the Digital Environment’ <https://www.unicef.org/bulgaria/en/media/10596/file>.

49.^

Universal Declaration of Human Rights (adopted 10 December 1948) UNGA Res 217 A(III) art 6.

50.^

ASEAN TELMIN, ‘Framework on Personal Data Protection’ (2016) <https://cil.nus.edu.sg/wp-content/uploads/2020/08/2016-Frmwk-PDP.pdf>; ASEAN TELMIN, ‘Framework on Digital Data Governance’ (2018) <https://cil.nus.edu.sg/wp-content/uploads/2020/09/2018-Framework-Digital-Data-Governance.pdf>.

51.^

‘Stateless Unemployed Youth Who Has Never Gone to School Lands Job Offer’ (n 21); ‘Accessibility of E-Services Portal for Workers on Special Pass Who Cannot Hold a Singpass Account’ (n 20).

52.^

INFOCOMM Development Authority of Singapore, ‘Factsheet: Overview of Digital Inclusion’ (30 July 2024) <https://www.imda.gov.sg/-/media/imda/files/inner/about-us/newsroom/media-releases/2016/0421_senior-smart-phone-workshop/factsheet-for-the-overview-of-digital-inclusion-programmes.pdf> accessed 13 October 2025; Fei Yue, ‘Digital Inclusion for Seniors in Singapore’ (2024) <https://fycs.org/digital-inclusion-for-seniors-in-singapore/>.

See Statelessness Overview