Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$3,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Secure your application’s future with our API Penetration Test, designed to identify vulnerabilities and protect your data through real-world attack simulations.

        • Network Penetration Testing
        • Boost your network’s security with our Network Penetration Testing service, where we simulate cyber-attacks to uncover vulnerabilities before they can be exploited by malicious actors.

        • Mobile Penetration Testing
        • Identify and address security vulnerabilities in your mobile app through simulated cyber-attacks, ensuring the safety of user data and seamless functionality.

        • Web Penetration Testing
        • Discover and mitigate security risks in your web application through simulated cyber-attacks, fortifying your online presence against potential threats.


        • OTHERS

Unsolicited Electronic Messages Act Means for Businesses

unsolicited electronic messages act
Learn what does unsolicited electronic messages act means as wells as its importance to your business.

Unsolicited Electronic Messages Act Means for Businesses

Unsolicited electronic messages act  to provide for the control of spam, which is unsolicited commercial communications sent in bulk by electronic mail or by text or multi-media messaging to mobile telephone numbers, and to provide for matters connected therewith.

What is an electronic message?

Email, instant messaging, SMS, multimedia messaging services are covered by the unsolicited electronic messages act. It does not cover voice calls (real, recorded or synthetic) or facsimiles.

What is a commercial electronic message?

A message is commercial if it:

  • Markets or promotes goods, services, land, interests in land, or business or investment opportunities
  • Assists/enables a person to obtain a financial advantage or gain from another
  • Provides a link/directs a recipient to a message that does either of the above

A message is not commercial if it:

  • Contains quotes or estimates requested for goods and services
  • Relates to ongoing commercial transactions agreed to by the recipient
  • Provides warranty, security information or similar notices for products or services obtained by the recipient
  • Provides factual information relating to subscriptions, memberships, accounts, loans or other similar relationships involving the recipient’s ongoing purchase or use
  • Provides information relating to the recipient’s current employment relationship or related benefit plans
  • Delivers goods or services (including product updates or upgrades) the recipient is entitled to under a transaction entered into
  • Provides information about goods or services provided by a government body (which includes Universities) or courts and tribunals
Watch this video for just a quick discussion about unsolicited electronic messages act.

When is a commercial electronic message unsolicited?

When the recipient has not consented to receiving the message.

What is an electronic address?

An email account, instant messaging service, telephone account or similar account.

Sender’s obligation to provide accurate contact sender information and unsubscribe facility

Any commercial electronic message (sent with or without consent) must clearly and accurately identify the person who authorized the sending of the message and provide accurate contact information. It must also contain an unsubscribe facility allowing recipients to be removed from the distribution list without cost to the recipient.

Restriction on use of address-harvesting software and harvested address lists

Individuals and organisations in Singapore must not use address harvesting tools and lists of addresses in connection with or with the intention of sending unsolicited commercial email addresses (whether or not the harvester is the sender of such messages or sending is by another person or organisation).

Also read:

What is consent?

  • Expressly agreeing to receive electronic messages (e.g. signing a form to that effect, ticking a website box, oral agreement)
  • Consent inferred from business or other relationship (e.g. providing an email address, exchanging business cards)
  • Consent assumed by the unsolicited electronic messages act from the conspicuous publication of an electronic address in a business or official capacity where there is no explicit statement that the address holder does not want to receive unsolicited electronic messages at that address and where the message relates to the holder’s business or official capacity

There are three different types of consent in the unsolicited electronic messages act: Express consent, Inferred consent, or Deemed consent.

Express consent
The person has directly said that it’s OK for you to send them email messages Most commonly this would be a box that they ticked on your website or a form they filled out in your shop.

Inferred consent
Inferred consent is when the person expects to receive email from you such as when they complete a form and supply their email address.

Deemed consent
When someone publicly displays their email address to be contacted such as a business card or website. You may only contact them in relation to their business.

Also Read: Document Shredding Services for Commercial Document Destruction

Application of unsolicited electronic messages act

  1. This Act shall not apply unless an electronic message has a Singapore link.
  2. For the purposes of subsection, an electronic message has a Singapore link in the following circumstances:
  • the message originates in Singapore;
  • the sender of the message is an individual who is physically present in Singapore when the message is sent; or an entity whose central management and control is in Singapore when the message is sent;
  • the computer, mobile telephone, server or device that is used to access the message is located in Singapore;
  • the recipient of the message is an individual who is physically present in Singapore when the message is accessed; or an entity that carries on business or activities in Singapore when the message is accessed; or if the message cannot be delivered because the relevant electronic address has ceased to exist (assuming that the electronic address existed), it is reasonably likely that the message would have been accessed using a computer, mobile telephone, server or device located in Singapore.

3. Notwithstanding subsection, this Act shall not apply to any electronic message specified in the First Schedule to such extent as may be specified therein.

Businesses must ensure they do not send spam.

Businesses must comply with the unsolicited electronic messages act

Businesses must ensure they do not send spam. Failure to comply could mean a fine of up to S$697220.5 

Steps to ensure you’re not ‘spamming’
Follow the steps below to ensure you are not sending spam:

  1. Make sure you have consent to send to people in your list. If you’ve already been sending out group emails you will need to get consent from those people to continue sending them messages.
  2. On every message, you should have the details of the real person sending the email and the contact details of the business sending the email.
  3. There has to be a working unsubscribe link on the email.
  4. Don’t use software that collects email addresses off websites (email harvesting).
  5. Don’t give your email list to anyone else.

Also read:



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us