fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Unsolicited Electronic Messages Act Means for Businesses

unsolicited electronic messages act
Learn what does unsolicited electronic messages act means as wells as its importance to your business.

Unsolicited Electronic Messages Act Means for Businesses

Unsolicited electronic messages act  to provide for the control of spam, which is unsolicited commercial communications sent in bulk by electronic mail or by text or multi-media messaging to mobile telephone numbers, and to provide for matters connected therewith.

What is an electronic message?

Email, instant messaging, SMS, multimedia messaging services are covered by the unsolicited electronic messages act. It does not cover voice calls (real, recorded or synthetic) or facsimiles.

What is a commercial electronic message?

A message is commercial if it:

  • Markets or promotes goods, services, land, interests in land, or business or investment opportunities
  • Assists/enables a person to obtain a financial advantage or gain from another
  • Provides a link/directs a recipient to a message that does either of the above

A message is not commercial if it:

  • Contains quotes or estimates requested for goods and services
  • Relates to ongoing commercial transactions agreed to by the recipient
  • Provides warranty, security information or similar notices for products or services obtained by the recipient
  • Provides factual information relating to subscriptions, memberships, accounts, loans or other similar relationships involving the recipient’s ongoing purchase or use
  • Provides information relating to the recipient’s current employment relationship or related benefit plans
  • Delivers goods or services (including product updates or upgrades) the recipient is entitled to under a transaction entered into
  • Provides information about goods or services provided by a government body (which includes Universities) or courts and tribunals
Watch this video for just a quick discussion about unsolicited electronic messages act.

When is a commercial electronic message unsolicited?

When the recipient has not consented to receiving the message.

What is an electronic address?

An email account, instant messaging service, telephone account or similar account.

Sender’s obligation to provide accurate contact sender information and unsubscribe facility

Any commercial electronic message (sent with or without consent) must clearly and accurately identify the person who authorized the sending of the message and provide accurate contact information. It must also contain an unsubscribe facility allowing recipients to be removed from the distribution list without cost to the recipient.

Restriction on use of address-harvesting software and harvested address lists

Individuals and organisations in Singapore must not use address harvesting tools and lists of addresses in connection with or with the intention of sending unsolicited commercial email addresses (whether or not the harvester is the sender of such messages or sending is by another person or organisation).

Also read: https://www.chapmantripp.com/publications/unsolicited-electronic-messages-act-%E2%80%93-time-to-prepare

What is consent?

  • Expressly agreeing to receive electronic messages (e.g. signing a form to that effect, ticking a website box, oral agreement)
  • Consent inferred from business or other relationship (e.g. providing an email address, exchanging business cards)
  • Consent assumed by the unsolicited electronic messages act from the conspicuous publication of an electronic address in a business or official capacity where there is no explicit statement that the address holder does not want to receive unsolicited electronic messages at that address and where the message relates to the holder’s business or official capacity

There are three different types of consent in the unsolicited electronic messages act: Express consent, Inferred consent, or Deemed consent.

Express consent
The person has directly said that it’s OK for you to send them email messages Most commonly this would be a box that they ticked on your website or a form they filled out in your shop.

Inferred consent
Inferred consent is when the person expects to receive email from you such as when they complete a form and supply their email address.

Deemed consent
When someone publicly displays their email address to be contacted such as a business card or website. You may only contact them in relation to their business.

Also Read: Document Shredding Services for Commercial Document Destruction

Application of unsolicited electronic messages act

  1. This Act shall not apply unless an electronic message has a Singapore link.
  2. For the purposes of subsection, an electronic message has a Singapore link in the following circumstances:
  • the message originates in Singapore;
  • the sender of the message is an individual who is physically present in Singapore when the message is sent; or an entity whose central management and control is in Singapore when the message is sent;
  • the computer, mobile telephone, server or device that is used to access the message is located in Singapore;
  • the recipient of the message is an individual who is physically present in Singapore when the message is accessed; or an entity that carries on business or activities in Singapore when the message is accessed; or if the message cannot be delivered because the relevant electronic address has ceased to exist (assuming that the electronic address existed), it is reasonably likely that the message would have been accessed using a computer, mobile telephone, server or device located in Singapore.

3. Notwithstanding subsection, this Act shall not apply to any electronic message specified in the First Schedule to such extent as may be specified therein.

Businesses must ensure they do not send spam.

Businesses must comply with the unsolicited electronic messages act

Businesses must ensure they do not send spam. Failure to comply could mean a fine of up to S$697220.5 

Steps to ensure you’re not ‘spamming’
Follow the steps below to ensure you are not sending spam:

  1. Make sure you have consent to send to people in your list. If you’ve already been sending out group emails you will need to get consent from those people to continue sending them messages.
  2. On every message, you should have the details of the real person sending the email and the contact details of the business sending the email.
  3. There has to be a working unsubscribe link on the email.
  4. Don’t use software that collects email addresses off websites (email harvesting).
  5. Don’t give your email list to anyone else.

Also read: https://sso.agc.gov.sg/Act/SCA2007#pr7

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us