Singapore Spam Control Act 2007

FEATURES

Singapore Spam Control Act 2007

The new Spam Control Act recently came into effect to overcome the widespread problem of Spam in Singapore. This article discusses the effect it will have on Spammers as well as the rights of the recipients of Spam, with regard to receiving these unsolicited e-mails.
In this day and age of the internet, the sending or receiving of unsolicited or undesired bulk electronic messages commonly known as Spam has become an everyday phenomenon. Spam, which is not to be associated or confused with the 'Spam' brand of luncheon meat, sometimes bears or contains advertisements which seek to draw a reader or recipient of the Spam to enter into a transaction or purchase of certain products or services by the sender of the Spam or a third-party. The incidence of a user receiving Spam in his e-mail inbox has become so prevalent that anti-virus software programs have inherent configurations to filter Spam. Similarly, the free web e-mail service providers now provide automatic features which help to screen out and filter Spam received from sources.

In the light of this, it comes as no surprise that the Singapore Spam Control Act 2007 (the 'Act') was passed by Parliament on 12 April 2007 and it shall come into effect on 15 June 2007. The framework and substantive details of the long awaited Act were developed by the Info-communications Development Authority of Singapore ('IDA') and the Attorney-General's Chambers of Singapore in consultation with the public over the last three years.

The author seeks to highlight the key salient aspects of the Act in this article.

Definition
The Act contains the framework for regulating unauthorised electronic messages which are regarded as commercial electronic messages for the purposes of the Act, sent by the traditional method of electronic mail ('e-mail'), text and multimedia messaging to mobile telephone numbers.

Under the Act, an electronic message shall be construed to be a commercial electronic message if, having regard to the surrounding circumstances such as the content of the message, the way in which the message is presented and the content that can be located using the links, telephone numbers or contact information set out in the message, the primary purpose of the message is to achieve or facilitate a commercial objective, notwithstanding that fraudulent means that may be used to achieve the objective.

In s 4(3) of the Act, a message sent by way of a voice call made using a telephone service is excluded from the definition of an 'electronic message'. Therefore, 'cold calls' made by telemarketers would be outside the scope of the Act.

Under s 3(4) of the Act, a person shall be deemed to have authorised the sending by the sender of the electronic message that advertises or promotes the first person's product if he 'knowingly allows' his product or service to be advertised or promoted by the sender. The exception to this violation is provided in s 3(5) which reads that the first person 'who takes reasonable steps to stop the sending of any electronic message that advertises or promotes the first person's product or service shall be deemed not to have authorised the sending' of the infringing message.

This section has great implication since a third party may attempt to ride on the goodwill and reputation of established brands of products and services in his Spam to give an impression of authorisation by the unfortunate brand owner. It is proposed that this section may not bode well for established household names.

It is therefore submitted that a brand owner should take serious steps to protect and prevent his brand images from appearing in Spam which he has not unauthorised. The precautionary measures could also include requesting indemnity to be given from companies which have access to or who use the actual brand images, or handle marketing and promotion activities on behalf of the brand owner. It is important to bear in mind that the onus is on the merchandiser to prevent unauthorised Spam bearing his brand images to be disseminated once he is aware of such activities. However, as the Act does not define what 'knowingly allow' constitutes, it is proposed that actual knowledge would be important in this regard. Furthermore, it is important to note that knowledge on the part of the brand owner could be implied, after having regard to the surrounding circumstances.

The Act is only applicable to electronic messages that have a 'Singapore link' and s 7(2) of the Act defines under what circumstance an electronic message is regarded as having a 'Singapore link'. These include the fact that the message originates in Singapore; the sender of the message is physically present in Singapore; if the sender is an entity and has central management and control in Singapore; the computer, mobile telephone, server or device to access the message is located in Singapore; and the recipient is physically present in Singapore or has central management and control in Singapore if it is an entity. The Act also provides that where the message cannot be delivered because the relevant electronic address has ceased to exist, it is still regarded as having a 'Singapore link', provided that the message would have been accessed using a computer, mobile telephone, server or device located in Singapore. This would, therefore, cover situations where a consumer gives up his mobile phone number, which number is subscribed to and registered by another person who in turn receives such Spam.

Regulated Spam
Pursuant to s 11 of the Act, it is mandatory for the person who sends, causes to be sent or authorises the sending of electronic messages in bulk to comply with the obligations and legal requirements in Schedule 2 of the Act.

For the purposes of the Act, s 6 (1) gives guidance on what it means by, 'sending in bulk of electronic messages', which include any the following: (a) where more than 100 electronic messages containing the same or similar subject-matter were sent during a 24-hour period; (b) more than 1,000 electronic messages containing the same or similar subject-matter during a 30-day period; or (c) more than 10,000 electronic messages containing the same or similar subject-matter during a one-year period. As stipulated in s 6(2) of the Act, the Minister has the discretion to vary the number of bulk quantity Spam thereby enabling the Ministry to review the bulk quantity if there are developments that warrant it.

In any event, s 10 of the Act states that the legal obligations and requirements in Schedule 2 of the Act shall apply to Spam. Therefore, the fact that the aggregate number of electronic messages sent in bulk do not fall within the limits prescribed in s 6 is inconsequential.

The main thrust of the Act lies in Schedule 2 of the Act which lays out the obligations that a sender of unauthorised electronic messages ('Spammer') has to comply with, which can be categorised into three key areas:

First, under para 2 of Schedule 2, the Spammer has to ensure that Spam has an 'unsubscribe facility' or 'opt-out' function. This may be a postal address, e-mail address, internet location address, telephone number or facsimile number for the recipient of the Spam to submit the unsubscribe request. The unsubscribe facility or opt-out function shall be valid and working at all times for a period of 30 days after the Spam has been sent. The Act states that the cost of using the unsubscribe facility or opt-out function should not exceed the cost of using the same means or technology of receiving the Spam.
Second, under para 2(7) of Schedule 2, the Spammer must remove the recipient from the mailing list within 10 business days after an unsubscribe request has been submitted by the recipient.

Finally, under para 3 of Schedule 3, the Spam itself must comply with labelling requirements. These include 'label' the Spam with '<ADV>' at the beginning of Spam, not to use misleading headers or subject fields, etc.

Prohibited Activities
The Act makes it clear in s 9 that it is prohibited to send electronic messages to e-mail addresses or mobile telephone numbers randomly generated or obtained through harvesting software. In the circumstances, to protect the interests of the Spammer it is proposed that the Spammer is obliged to ensure the e-mail addresses or mobile telephone numbers used in the Spam are not harvested through prohibited means. Another suggestion is that the company providing the e-mail addresses or mobile telephone numbers should give a declaration that the e-mail addresses or mobile telephone numbers used in the Spam are not harvested through prohibited means.

Civil Action and Proceedings
Under s 13 (1) of the Act, it is provided that a person who has 'suffered loss or damage as a direct or an indirect result' of a contravention by the Spammer against the activities prescribed in the Act, can commence legal proceedings against the Spammer. If the court rules against the Spammer, the remedies that may be awarded to the plaintiff include injunction, damages, and 'statutory damages'. The court, at its discretion, may order the defendant Spammer to pay the plaintiff his costs, expenses and legal costs in respect of the proceeding against the Spammer according to s 15 of the Act.

The Act provides in s 14 (3) that statutory damages may be awarded in the range of S$25 per spam to a maximum of S$1m. According to s 14(4) of the Act, in determining whether statutory damages may be awarded, the court shall have regard to a number of factors, including whether the contravention was wilful, the loss or damage that the plaintiff suffered as a result of the contravention, benefit accrued to the Spammer by reason of the sending of the Spam, the need to deliver a deterrent message and all other relevant matters.

However, it remains to be seen whether there is sufficient 'teeth and bite' in the Act. Although the aggrieved recipient of the Spam can seek recourse through the courts, he may be reluctant to do so since legal costs in any legal proceedings can be exorbitant.

Further Regulations
Under the Act, the Internet Access Service Provider ('IASP') and telecommunications company may, with IDA approval, issue a code of practice to control the sending of Spam. In addition, the Minister for Ministry of Information, Communications and the Arts ('MICA') may also issue regulations to control the sending of Spam.

Conclusion
The Act represents a pre-eminent effort on the part of the Singapore Government to address an increasingly difficult problem of Spam with legislation which lays down clear and easy guidelines for Spammers to comply with. The earnestness in tackling this intricate area is also reflected in this website, www.spamcontrol.org.sg administered by the IDA. Furthermore, further information on dealing with Spam in Singapore is available at the website www.antispam.org.sg.

It is important to bear in mind that the Act aims to give some measure of protection to consumers or recipients of Spam. This has to be delicately balanced against the needs of companies who wish to tap on this relatively low-cost marketing channel of sending in bulk unsolicited electronic messages in a legitimate way and within acceptable legal boundaries. However, it remains to be seen whether the Act will be effective in dealing with the problem of Spam in the long run.

Raymond Choo
Zuji
E-mail: [email protected]