CYBERSECURITY
15
- compromise of the computer or computer system will have a debilitating effect on the availability of the essential service in Singapore; and
- (b) the computer or computer system is located wholly or partly in Singapore.
(2) A notice issued under subsection (1) must—
- (a) identify the computer or computer system that is being designated as a critical information infrastructure;
- (b) identify the owner of the computer or computer system so designated as a critical information infrastructure;
- (c) inform the owner of the computer or computer system, regarding the owner’s duties and responsibilities under this Act that arise from the designation;
- (d) provide the name and contact particulars of the officer assigned by the Commissioner to supervise the critical information infrastructure;
- (e) inform the owner of the computer or computer system that any representations against the designation are to be made to the Commissioner by a specified date, being a date not earlier than 14 days after the date of the notice; and
- (f) inform the owner of the computer or computer system that the owner may appeal to the Minister against the designation, and provide information on the applicable procedure.
(3) Any designation under subsection (1) has effect for a period of 5 years, unless it is withdrawn by the Commissioner before the expiry of the period.
(4) The person who receives a notice under subsection (1) may request the Commissioner to proceed under subsection (5) upon showing proof that—
- (a) the person is not able to comply with the requirements in this Part for the reason that the person has neither effective control over the operations of the computer or computer
