This article is produced by CMS Holborn Asia, a Formal Law Alliance between CMS Singapore and Holborn Law LLC.
On 4 March 2022, the Singapore Government announced in the Parliament a slew of proposed measures to enhance regulation of the digital economy.
In particular, the Government intends to –
Introduce Codes of Practices in the areas of child safety, user reporting, and platform accountability;
Strengthen the cybersecurity law in Singapore;
Implement the amendments to the data protection law already made to enhance the financial penalties for data breaches with effect from 1 October 2022; and,
Launch an Alternative Dispute Resolution Scheme to resolve contractual disputes with telco and media service providers.
Introducing Codes of Practices
To protect Singaporeans from harmful online content, Government intends to introduce Codes of Practices to ensure that online platforms accessible by users in Singapore take greater responsibility for user safety, and endeavour to keep online spaces free from harmful content.
The Codes of Practices shall cover three new areas –
Child Safety. Platforms would be required to have robust systems in place (including content filters and parental supervision mechanisms) to minimise exposure of children and young persons to harmful content.
User Reporting Mechanism. Platforms would be required to set up user reporting mechanisms for users to report harmful content. These platforms would also be required to be responsive in evaluating and acting on these reports, and apprise their users in a timely manner of the actions taken.
Accountability Measures. Platforms would need to implement accountability measures, including to provide information on what they are doing to keep users safe, including the prevalence of harmful online content on their platforms, the user reports received and acted upon, and the systems and processes in place to address harmful online content. The accountability measures are intended to allow users to compare approaches taken by platforms and make informed decisions about which to engage or disengage.
Strengthening the cybersecurity law in Singapore
With cyber threats becoming more prevalent, the Government intends to strengthen the cybersecurity law in Singapore, the Cybersecurity Act 2018, and has been reviewing it, in particular, relating to the following three key questions –
how to raise situational awareness over Singapore’s cyberspace;
what should be considered as Critical Information Infrastructure (CII); and
how to secure important digital infrastructure and services beyond CIIs.
Amendments to the Cybersecurity Act 2018 would be introduced after the review (to be completed by 2023) which would take into account stakeholder and public consultations.
Implementing the enhanced financial penalty for data breaches
The enhanced financial penalty for breaches to the Singapore data protection law (the Personal Data Protection Act 2012 (PDPA)) to S$1million, or a maximum of 10% of local annual turnover for organisations with a turnover that exceeds S$10million, whichever is higher will take effect from 1 October 2022. This is against the backdrop of the amendments to the PDPA that took place in 2020 where the enhanced financial penalty was introduced, due to take effect at a later date.
Launching an Alternative Dispute Resolution Scheme
Designed to be affordable and effective for consumers and small businesses trying to resolve contractual disputes with telco and media service providers, the Government will launch an Alternative Dispute Resolution (ADR) Scheme from April 2022. Such service providers are mandatorily required to participate in the resolution process.
The ADR Scheme covers disputes and issues (e.g. billing disputes or unsolicited charges) of up to a value of S$10,000 which have occurred within the past one year and are resolvable through service recovery efforts or compensated for in kind of in monetary terms.