Singapore's PolCam programme — the Singapore Police Force's (SPF) network of public-space cameras anchored in Housing & Development Board (HDB) blocks, lift lobbies and multi-storey carparks — is on track to roughly double in size by the end of the decade. SPF has signalled plans to push the network toward approximately 200,000 cameras by 2030, extending coverage to more void decks, carpark levels, hawker centres and transport interchanges. For a city-state of about 5.9 million people, that is a striking density, and it has reopened a difficult but necessary conversation about how Singapore wants to balance public-safety gains, technological efficiency, and the privacy expectations that a confident digital economy depends on.
Our editorial starting point is simple: CCTV in public spaces, used proportionately, is not the problem. Singapore's experience with the existing PolCam rollout, first launched in 2012, has been genuinely useful for solving crimes ranging from loanshark harassment to molestation, theft and vandalism. SPF has repeatedly credited PolCam footage in solving thousands of cases. That is a real public good, and treating every camera as inherently suspect would be intellectually lazy. The harder, more honest question is what guardrails should apply when the network gets larger, smarter, and increasingly capable of recognising not just what happened, but who was there.
What the expansion actually changes
Three things make the 2030 plan qualitatively different from the original PolCam rollout.
- Density. Doubling the camera count concentrates coverage at the level of individual HDB lifts, corridors and carpark decks. Coverage that thick begins to approach continuous public movement tracking when paired with analytics.
- Analytics. Modern systems are not just passive recorders. Object detection, automatic number-plate recognition (ANPR), and — most consequentially — live or near-live facial recognition can convert a video archive into a queryable identity graph.
- Integration. SPF cameras increasingly sit in the same operational environment as Land Transport Authority (LTA) cameras, town council CCTV, and private feeds. The aggregate footprint, not any single camera, is what determines the privacy impact.
The PDPC angle: biometrics deserve a higher bar
Singapore's Personal Data Protection Act (PDPA) and the Personal Data Protection Commission (PDPC) have, over the last few years, treated biometric data — including facial templates — as warranting heightened care. PDPC's Advisory Guidelines on the PDPA for Selected Topics and its guidance on NRIC and biometric data make clear that biometric identifiers are not just another data field: they are uniquely identifying, immutable, and high-risk if mishandled.
Public-sector use of CCTV is not directly governed by the PDPA in the same way as the private sector — the Public Sector (Governance) Act and internal Government Instruction Manuals apply instead — but the PDPC's substantive standards still set the cultural and technical benchmark. If Singapore wants its biometric guidance to be credible for industry, the state itself should visibly meet or exceed it.
A pro-innovation framework, not a moratorium
Civil-society groups internationally, including the EFF, have argued forcefully that biometric surveillance abuses must not be normalised, and that legal frameworks and accountability mechanisms remain too weak in many jurisdictions. That critique is worth taking seriously without sliding into the opposite error of demanding a blanket ban that would forfeit real public-safety benefits.
The right policy question is not "cameras or no cameras" — it is "which uses, with which safeguards, reviewable by whom".
A proportionate Singapore framework for the 2030 network could rest on five pillars:
- Purpose limitation in law, not policy. Codify in legislation that PolCam footage is for crime prevention, investigation and emergencies — not commercial profiling, immigration sweeps unrelated to specific offences, or political monitoring.
- Live facial recognition: opt-in by Parliament, not by procurement. Any deployment of real-time face matching across the network should require explicit statutory authorisation, with defined offences, judicial or independent oversight, and published error-rate audits.
- Retention discipline. Default retention windows for raw footage measured in weeks, not years, with longer retention only on case-linked holds. The PDPC's own guidance on minimisation should be the floor.
- Transparency reporting. An annual public report covering camera counts, analytics in use, number of facial-recognition queries, false-positive rates, and audit findings. Singapore already publishes high-quality crime statistics; this is a natural extension.
- Independent technical audit. A standing role for the PDPC or a designated body to audit accuracy and demographic bias of any biometric analytics layered onto PolCam, with findings made public in summary form.
Why this is good for the tech sector too
Singapore positions itself as a trusted hub for AI, fintech, and data-driven services. That brand depends on the perception — at home and abroad — that the Singaporean state holds itself to the same data-protection logic it asks of companies. A 200,000-camera network operated with visible proportionality and oversight will reinforce that brand. One operated as a black box will not, and will hand a rhetorical gift to jurisdictions that would prefer to question Singapore's data-trust credentials.
The PolCam expansion is, in our view, defensible. The biometric layer that may eventually sit on top of it is the part that requires a deliberate, statutory, and public conversation — ideally before, not after, the contracts are signed.