Email marketing in Singapore is regulated by two main laws: the Personal Data Protection Act (PDPA) and the Spam Control Act. The PDPA governs the collection, use and disclosure of personal data by organizations. The Spam Control Act aims to control unsolicited commercial communications sent electronically.
Singapore has strict guidance for email content. All marketing email campaigns are required to be truthful (not deceitful) and comply with the principles of fair competition. Furthermore, content must align with Singapore's family values. The Spam Control Act requires senders to:
- Include contact information (email, postal address or telephone number)
- Provide a link or email address for the recipient to unsubscribe
- Honour unsubscribe requests within 10 working days
- Include the words “advertisement” or “AD” in the email subject line
Under the PDPA, subscribers must provide consent before they can receive emails. Regulations encourage email marketers to require subscribers to submit a signature or provide acknowledgment that they agree to receive emails. Implicit consent, including pre-checked boxes, is a permissible form of consent.
The PDPA requires email marketers to have policies in place to comply with these regulations and inform other members of staff. There must also be a method to receive complaints about the handling of personal data.
Violations of the PDPA can result in a fine of up to S$10,000 or imprisonment for a maximum of 3 years. Under the Spam Control Act, businesses or individuals can be fined S$25 per unsolicited email to a total of S$1 million.