Partners

David N. Alfred

Director, Corporate & Finance
Co-Head, Data Protection, Privacy & Cybersecurity
Co-Head and Programme Director, Drew Data Protection & Cybersecurity Academy

Key Practices

Qualifications

  • MBA, University of Chicago
  • LL.M., National University of Singapore
  • LL.B. (Hons), National University of Singapore
  • Senior Accredited Specialist (Data & Digital Economy Law), Singapore Academy of Law
  • Fellow of Information Privacy, International Association of Privacy Professionals
  • CIPP/A, CIPM, CIPT (IAPP)
  • DDDLP, ACLP (WSQ)
  • Advocate & Solicitor, Singapore
  • Solicitor, England and Wales (non-practising)

David is Director and Co-Head of Data Protection, Privacy and Cybersecurity at Drew & Napier and a member of the firm’s Artificial Intelligence (AI) and Digital Trust practice. He is also Co-Head and Programme Director of the Drew Data Protection & Cybersecurity Academy.

David is a senior technology lawyer with over 25 years’ experience encompassing legal, public policy, business and technological aspects of the digital economy, data, digital technology, telecommunications and the Internet. He has particular expertise in data law and policy, digital and cyber regulation, data protection and cybersecurity.

David has taught courses up to postgraduate level at local tertiary institutions and is a qualified corporate trainer and course developer. He has developed and delivered a range of courses relating to data protection, cybersecurity, data governance, AI regulation, digital trust and other technology and business-related topics. 

Prior to joining the firm, David was the first Chief Counsel to Singapore’s Personal Data Protection Commission (from 2013 to 2020). He has also worked with Singapore’s Info-communications Media Development Authority and its predecessor, the Info-communications Development Authority of Singapore.

David has extensive experience advising and acting for clients in diverse sectors, including, for example, telecommunications, information technology, media, e-commerce, banking, insurance, healthcare, retail, hospitality, and manufacturing.

Some matters David has advised on include the following:

  • Public policy and development of data protection laws in Singapore and Brunei Darussalam, including conduct of public consultations, stakeholder engagement and competency development
  • Numerous enforcement cases under Singapore’s Personal Data Protection Act 2012 
  • Cybersecurity incident and data breach management and response
  • Cybersecurity reviews and audits 
  • Cross-border transfers of personal data, data transfer agreements and transfer impact assessments
  • Outsourcing of data processing activities including related contracts and security requirements
  • Development of data protection policies, notices and related documentation including regional and global policies
  • Development of the data protection function and competency development in data protection and cybersecurity
  • Contracts for procuring or providing AI-related products and services

Chambers Asia-Pacific 

TMT 2025 – Band 4

  • “His strength lies in his deep understanding of the regulatory processes. He also provides strong support on contentious matters.”
  • “I think very highly of David, he knows his stuff very well.”

The Legal 500 Asia Pacific

Data Protection and Cyber Security 2025 – Leading Individual for 2 consecutive years

TMT 2025 – Recommended Lawyer for 5 consecutive years

  • “David Alfred … has in-depth understanding of data protection laws in Singapore and ASEAN. His ability to navigate complex regulatory frameworks and his deep understanding of our industry's nuances have consistently impressed me.”
  • “critical thinking, solid drafting and excellent legal strategy”
  • “David Alfred possesses a deep understanding of the nuances and intricacies of data protection and can be relied on to provide sound advice and practical guidance at each stage of the matter.”

Global Data Review 

GDR 100 2022 

  • “quickly analyse complex issues and provide robust analysis on compliance processes”

asialaw Leading Lawyers 2024 

  • "Incisive regulatory advice, cuts to the heart of legal issues and solid legal recommendations."
  • “He is very knowledgeable, prompt, able to offer solutions, understands business concerns, practical, and has a good network with regulators.”

Lexology Index (previously Who’s Who Legal) 

Global Guide: Data 2025 – Data Privacy & Protection – Recommended Individual

Global Guide: Data 2025 – Data Security – Recommended Individual

Best Lawyers International: Singapore

Privacy and Data Security Law 2025 – Endorsed Individual
Telecommunications Law 2025 – Endorsed Individual for 2 consecutive years

  • Singapore Academy of Law
  • Law Society of Singapore
  • Law Society of England and Wales
  • International Association of Privacy Professionals
  • Adult Education Network
  • David N. Alfred, Development of Singapore Data Protection Law: International Influences and Local Needs [2017] PDP Digest 241
  • David N. Alfred & Lanx Goh, Cross-border Issues in Data Protection (Chapter) in Data Protection Law in Singapore, 2nd (Singapore Academy of Law, 2018)
  • Regulatory Developments in AI, Decentralised Technologies, Data Protection and Cybersecurity in the Asia-Pacific in World Legal Summit (WLS) Special Edition e-zine (co-author 2020)
  • David N. Alfred and Janice Lee, Individual Rights under the Amended Personal Data Protection Act: Balancing Individual Control and Organisational Accountability [2021] PDP Digest 205
  • Lim Chong Kin, David N. Alfred & Albert Pichlmaier, Chambers Global Practice Guide – Singapore: Cybersecurity (2021 – 2024)
  • Lim Chong Kin, David N. Alfred & Albert Pichlmaier, International Comparative Legal Guide – Singapore: Cybersecurity Laws & Regulations (2021 – 2025)
  • Lim Chong Kin, David N. Alfred & Albert Pichlmaier, International Comparative Legal Guide – Singapore: Cybersecurity Laws & Regulations: Expert Analysis Generative AI & Cyber Risk (2025)