Stringent measures are in place to safeguard TraceTogether data by the government, its custodian.
However, under the Criminal Procedure Code, the Singapore Police are empowered to obtain any data for criminal investigations.
This includes TraceTogether data.
Accessing TraceTogether data without authorisation is a crime
Answering a Parliamentary question from Christopher de Souza, Minister of State for Home Affairs Desmond Tan said that only authorised officers are allowed to access the data for authorised purposes, and the data is stored on a secure platform.
Public officers who access the data without authorisation may be fined up to S$5,000, jailed for up to two years, or both.
After a follow-up question from de Souza, Tan stated that data may be extracted from witnesses, if necessary during the course of an investigation.
He added that for individuals "[who] are suspects or under investigation", the data "will not be extracted from this for purpose of the security".
In another follow-up question, Gerald Giam of the Workers' Party asked if this violates the TraceTogether privacy statement, that states that data shared with MOH will only be used for the contact tracing of people possibly exposed to Covid-19.
Giam also expressed concern that this may reduce voluntary adoption of the use of the TraceTogether token or app.
In response, Tan said that while TraceTogether was developed to fight Covid-19, the authorities will not preclude the use of TraceTogether data in circumstances where citizens' safety and security has been affected.
This also applies to "all other data", under the Criminal Procedure Code.
However, other than criminal investigations or to protect the safety and security of the citizens, TraceTogether data will only be used for contact tracing and fighting Covid-19.
Top image from Desmond Tan's Facebook page.