The Ministry of Communications and Information tabled the Online Safety (Miscellaneous Amendments) Bill for its first reading in Parliament on 3 October 2022, setting out proposed regulations of providers of online communication services with significant reach or impact accessible by any Singapore end-user, as well as measures to prevent access to egregious content. The aim of the Bill is to enhance online user safety, particularly for children, and to curb the spread of harmful content on OCS. Designated providers of such OCS will have to comply with Codes of Practice issued by the Info-communications Media Development Authority to enhance online safety for Singapore end-users and curb the spread of harmful content on their service.

As part of the multi-pronged effort by the Infocomm Media Development Authority and other stakeholders to combat scams and safeguard SMS messaging as a communications channel, the IMDA will implement two measures following a public consultation: (i) mandatory registration with the Singapore SMS Sender ID Registry: Registration with the SSIR will be mandatory for all organizations that use SMS Sender IDs, and (ii) telecommunications operators to implement SMS anti-scam filtering solutions: Anti-scam filtering solutions will be implemented by telecommunications operators within their mobile networks to automatically filter potential scam messages before they reach consumers.

As part of an ongoing approach to combat scams, the Infocomm Media Development Authority (IMDA) has proposed new measures to reduce the ability of scammers to spoof their identity by using the same alphanumeric sender identification (“SMS Sender ID”) used by bona fide businesses. To further enhance consumer protection, the IMDA intends to make Singapore SMS Sender ID Registry (SSIR) registration mandatory for organisations who wish to use SMS Sender IDs.
Organisations using SMS Sender IDs must register with the SSIR using their Unique Entity Number (UEN) and aggregators handling SMS with Sender IDs must also participate in the SSIR and verify organisations via their UENs.

The Singapore Court of Appeal, in its recent decision of Reed, Michael v Bellingham, Alex (Attorney-General, intervener) [2022] SGCA 60, provides clarity on two provisions under the Personal Data Protection Act (PDPA). The first is section 4(1)(b), which states that the PDPA does not impose any obligation on any employee acting in the course of their employment with an organization. The second is the then section 32 (now section 48O), which allows individuals who suffer loss or damage as a result of an organization’s contravention of the PDPA, the right to commence private action against the organization.

In July 2022, the Singapore Personal Data Protection Commission published a guide to help organisations comply with the Personal Data Protection Act when deploying blockchain applications that process personal data. As such, this Guide provides a broad set of principles and considerations for organisations to design their blockchain applications to be PDPA-compliant, thus ensuring more accountable management of customers’ personal data.

The Ministry of Communications and Information has released, in its Public Consultation published on 13 July 2022, more information on two proposed complementary codes to protect Singapore-based users against harmful and high-risk online content.
Social media platforms with significant reach or impact that are designated social media services will be in-scope for the new compliance obligations proposed by the MCI under the Code of Practice for Online Safety and all social media services are intended to be subject to the Content Code for Social Media Services.

In May 2022, the Singapore Personal Data Protection Commission published a guide to help organisations collect, use or disclose individuals’ biometric data in a responsible manner. With security applications like security cameras and Closed-Circuit Television Cameras becoming increasingly commonplace, there have been more cases of organisations mishandling individuals’ biometric data. The release of this guide serves as a timely reminder for organisations to review their existing measures or implement new measures to ensure that they are dealing with individuals’ biometric data in a responsible manner.

The Singapore Computer Emergency Response Team (SingCERT), set up by the Cyber Security Agency of Singapore to facilitate the detection, resolution and prevention of cybersecurity-related incidents on the internet, has issued a list of measures that organisations should adopt to ensure proper cyber hygiene controls are in place and operating correctly. SingCERT’s advisory is issued on the basis of warnings of increased cyber threats globally arising from the recent cyberattacks on Ukraine and the developments in the invasion of Ukraine by Russia.

Singapore authorities have introduced measures to combat SMS-phishing scams. These measures include the anti-SMS spoofing registry.

The Singapore Computer Emergency Response Team (SingCERT), set up by the Cyber Security Agency of Singapore to facilitate the detection, resolution and prevention of cybersecurity-related incidents on the internet, has issued a list of measures that organisations should adopt to ensure proper cyber hygiene controls are in place and operating correctly.
SingCERT’s advisory is issued on the basis of warnings of increased cyber threats globally arising from the recent cyberattacks on Ukraine and the developments in the invasion of Ukraine by Russia.