On Thursday 14 May 2020, the Ministry of Communications and Information and the Personal Data Protection Commission of Singapore launched an online public consultation of the Personal Data Protection (Amendment) Bill 2020.
Perhaps counterintuitively, one of the things that the amendment bill does is to amend the Spam Control Act. So, let’s see what that is all about.
But first, for a sneak preview – this paper is about:
The headlines are that:
Background
At present, it is true to say that the Spam Control Act is mostly disregarded. The Do Not Call provisions in the PDPA are seen to have duplicated it. This is partly, but not entirely, true in practice - even it is not technically true.
The Spam Control Act defines 'commercial electronic message' in very similar, if not the same, terms as a 'specified message' under the PDPA - the difference is that:
The Spam Control Act is about sending unsolicited commercial electronic messages so the definition of an 'electronic message' is central to it.
An 'electronic message' is 'a message sent to an electronic address' and 'electronic address' means 'an electronic mail address or a mobile telephone number to which an electronic message can be sent.'
Therefore, commercial electronic messages are emails and SMS messages. (Voice calls are excluded explicitly.)
The Spam Control Act also prohibits the use of dictionary attacks and of address-harvesting software to send commercial electronic messages. The PDPA does not currently prevent the use of dictionary attacks and address-harvesting software.
The problem with the Spam Control Act
The Spam Control Act is mostly disregarded because enforcement is, to say the least, cumbersome. It can only be enforced by a person who suffers loss or damage as a result of a contravention of the Spam Control Act. They can go to Court to get various remedies, including statutory damages of $25 per message (up to a total of $1 million) if certain matters are proven.
It is seldom the case that taking Court action would be worthwhile. Indeed, a search of Singapore's legal records yields only one hit on
Get access to news, enforcement cases, events, and actionable tips and guides
Get regular email updates and offers
Job opportunities, mentorship and career guidance
Exclusive access to Data Protection community - ask questions, network and share knowledge with peers and experts via WhatsApp and Linkedin
DPEX Network is a Community Initiative of Straits Interactive.
Copyright © Straits Interactive Pte Ltd. All Rights Reserved.
All intellectual property rights to logos and brands featured on this website remain the property of their respective owners.