Partners

David N. Alfred

Director, Corporate & Finance
Co-Head, Data Protection, Privacy & Cybersecurity
Co-Head and Programme Director, Drew Data Protection & Cybersecurity Academy

Key Practices

Qualifications

  • MBA, University of Chicago
  • LL.M., National University of Singapore
  • LL.B. (Hons), National University of Singapore
  • Senior Accredited Specialist (Data & Digital Economy Law), Singapore Academy of Law
  • Fellow of Information Privacy, International Association of Privacy Professionals
  • CIPP/A, CIPM, CIPT (IAPP)
  • DDDLP, ACLP (WSQ)
  • Advocate & Solicitor, Singapore
  • Solicitor, England and Wales (non-practising)

David is Director and Co-Head of Data Protection, Privacy and Cybersecurity at Drew & Napier and a member of the firm’s Artificial Intelligence (AI) and Digital Trust practice. He is also Co-Head and Programme Director of the Drew Data Protection & Cybersecurity Academy.

David is a senior technology lawyer with over 25 years’ experience encompassing legal, public policy, business and technological aspects of the digital economy, data, digital technology, telecommunications and the Internet. He has particular expertise in data law and policy, digital and cyber regulation, data protection and cybersecurity.

David has spoken widely on global aspects of data governance, privacy and cybersecurity, development of data protection law in Southeast Asia, data protection management and compliance, AI regulation, digital trust and other technology and business-related topics. He has taught courses up to postgraduate level at local tertiary institutions and is a qualified corporate trainer and adult educator.

Prior to joining the firm, David was the first Chief Counsel to Singapore’s Personal Data Protection Commission (from 2013 to 2020). He has also worked with Singapore’s Info-communications Media Development Authority and its predecessor, the Info-communications Development Authority of Singapore.

David has extensive experience advising and acting for government, commercial and not-for-profit organisations in diverse sectors (for example, telecommunications, information technology, media, e-commerce, banking, insurance, healthcare, retail, hospitality, and manufacturing).

Some matters David has advised on include the following:

  • Public policy and development of data protection laws in Singapore and Brunei Darussalam, including conduct of public consultations, stakeholder engagement and competency development
  • Numerous enforcement cases under Singapore’s Personal Data Protection Act 2012 (PDPA)
  • Cybersecurity incident and data breach management and response
  • Cybersecurity reviews and audits for a wide range of systems and applications
  • Cross-border transfers of personal data, data transfer agreements and transfer impact assessments
  • Outsourcing of data processing activities including related contracts and security requirements
  • Development of data protection policies, notices and related documentation including regional and global policies
  • Data protection compliance and development and implementation of a data protection management programme
  • Development of the data protection function and competency development in data protection and cybersecurity
  • Contracts for procuring or providing AI-related products and services

The Legal 500 Asia Pacific

Data Protection and Cyber Security 2024 – Leading Individual

TMT 2024 – Recommended Lawyer for 4 consecutive years

  • “critical thinking, solid drafting and excellent legal strategy”
  • “David Alfred possesses a deep understanding of the nuances and intricacies of data protection and can be relied on to provide sound advice and practical guidance at each stage of the matter.”

Global Data Review 

GDR 100 2022 

  • “quickly analyse complex issues and provide robust analysis on compliance processes”

asialaw Leading Lawyers 2023/24 

  • “He is very knowledgeable, prompt, able to offer solutions, understands business concerns, practical, and has a good network with regulators.”

Best Lawyers International: Singapore

Privacy and Data Security Law 2025 – Endorsed Individual
Telecommunications Law 2025 – Endorsed Individual for 2 consecutive years

  • Honorary Secretary, Digital Trust Chapter, SGTech
  • Adjunct Associate Professor, Faculty of Law, National University of Singapore
  • Member, Singapore Academy of Law
  • Member, Law Society of Singapore
  • Member, Law Society of England and Wales
  • Member, International Association of Privacy Professionals
  • Member, Adult Education Network
  • David N. Alfred & Lanx Goh, Cross-border Issues in Data Protection (Chapter) in Data Protection Law in Singapore, 2nd (Singapore Academy of Law, 2018)
  • David N. Alfred and Janice Lee, Individual Rights under the Amended Personal Data Protection Act: Balancing Individual Control and Organisational Accountability [2021] PDP Digest 205
  • David N. Alfred, Development of Singapore Data Protection Law: International Influences and Local Needs [2017] PDP Digest 241
  • Regulatory Developments in AI, Decentralised Technologies, Data Protection and Cybersecurity in the Asia-Pacific in World Legal Summit (WLS) Special Edition e-zine (co-author 2020)
  • Lim Chong Kin, David N. Alfred & Albert Pichlmaier, Chambers Global Practice Guide – Singapore: Cybersecurity (2021 – 2023)
  • Lim Chong Kin, David N. Alfred & Albert Pichlmaier, International Comparative Legal Guide – Singapore: Cybersecurity (2021 – 2023)