Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Things to Know about the Spam Control Act (Singapore)

Things to Know about the Spam Control Act (Singapore)

Spam control act singapore
Businesses can get into trouble if they do not offer opt-out option in their messages

Spam Control Act Singapore – Business correspondence has continuously been changing in recent years due to advancing technologies and ease of access to the internet. It works multi ways through emails or texts. But are these messages worth reading or are they just taking up space in our inboxes?

To reduce e-mail spam in Singapore, the Infocomm Development Authority of Singapore (IDA) has worked closely with the three major Internet Service Providers, Consumer Association of Singapore (CASE), Direct Marketing Association of Singapore (DMAS), Singapore Business Federation (SBF) and Singapore infocomm Technology Federation (SiTF) to introduce a multi-pronged approach to tackle e-mail spam. Other aspects of the multi-pronged methodology incorporate public education, industry self-regulation and co-operation.

What is the Spam Control Act Singapore?

The Spam Control Act Singapore is an Act to accommodate the control of spam, which is unsolicited commercial communications sent in mass by electronic mail, text or multi-media to mobile phone numbers, and to accommodate matters associated therewith.

Spam, otherwise called junk mail, is spontaneous business correspondences sent in mass and is frequently regarded as unwelcome mail. With the intermingling of data innovation and media communications, controlling spam is getting harder to manage. Along these lines, the Spam Control Act which was passed by the Singapore Parliament on 12th April 2007 will provide this framework as a means to address the still-growing and global phenomenon.

What scenarios warrant the Spam Control Act?

The Spam Control Act Singapore shall not apply except when an electronic message has a Singapore link. Here are the guidelines for the purposes of subsection, an electronic message has a Singapore link in the subsequent conditions:

  • If the message originates in Singapore;
  • a person who is physically present in Singapore when the message is sent; or
  • an entity whose focal administration and control is in Singapore when the message is sent;
  • the computer, mobile telephone, server or device that is utilized to get to the message is situated in Singapore;
  • if the message can’t be sent because the relevant electronic location has ceased to exist, it is reasonably likely that the message would have been retrieved using a computer, mobile telephone, server or device situated in Singapore.

Who can run foul of the Act?

Mobile marketers and e-mail marketers are likely possible individuals or entities. The Spam Control Act Singapore basically means that any person shall not send, cause to be sent, or authorize the sending of, an electronic message to electronic addresses generated or obtained through the use of address harvesting software; or a dictionary attack. Hence, is applicable to all electronic messages, whether or not they are unsolicited commercial electronic messages.

Is there an exemption?

The Spam Control Act Singapore doesn’t apply if it is authorized by the Government or a statutory body on the occurrence of any public emergency, in the public interest or in the interests of public security or national defense.

What are the requirements amd penalties for unsolicited commercial electronic messages?

The proper guidelines in creating an unsolicited commercial electronic messages is  “header information” means the source, destination and routing information attached to an electronic message, including, where applicable, the originating domain name and originating electronic mail address, and any other information that appears in the line identifying, or purporting to identify, the sender of the message.

Those who neglect to comply can be taken to court by consumers. Whenever seen as liable, errant spammers can be accountable to pay statutory damages up to $25 per message. On the other hand, the total penalty for spam with similar subject matter cannot exceed $1 million.

On a side note, the Act relies only on consumers to engage in civil lawsuits against recalcitrant spammers, which may deter numerous parties from pursuing legal action against spammers as it is costly and time-consuming.

The Act will affect the ways in which companies that are actively using the Internet and other media advancements to advertise their products and services. Companies who buy marketing databases should also identify the origin of these databases. They ought to likewise review their advertising procedures to ensure that they don’t accidentally approve the sending of non-compliant unsolicited commercial messages.

Contact Privacy Ninja for a non-obligatory consultation if you are unsure of your telemarketing or mass messages sending activities.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us