Singapore has signed and ratified the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

Singapore enacted the Electronic Transactions Act, drawing upon the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

Singapore has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

Under the Code of Practice for E-Commerce Services, designated e-commerce service providers must take all reasonably practicable steps to prevent their services from being used for scams and malicious cyber activity offences.
Under Section A (A1–A7), providers must implement measures to quickly disrupt malicious accounts and activities, including proactive detection, user-reporting mechanisms, fast-track law enforcement channels, data retention for at least 90 days, preservation of records, and support for information and emergency data requests.
Under Section B (B1–B6), providers must deploy safeguards to prevent propagation, including account verification, additional checks for suspicious activity, strong login verification, verified-account options, verification against Government-issued records for users who advertise or post goods or services for sale, and optional payment protection mechanisms requiring delivery verification before payment is released to sellers.
The current designated e-commerce services include Carousell, Facebook Marketplace, Facebook Advertisements, and Facebook Business Pages.

The Code of Practice for Online Safety – App Distribution Services, in force since March 2025, requires designated app stores to implement reasonable and proactive measures to minimise users’ access to or exposure to harmful content. This includes content moderation systems and processes, app reviews and app updates, and proactive detection and removal of child sexual exploitation and abuse material and terrorism content, as technically feasible.

Singapore has used access-blocking orders under Art. 11 of the Protection from Online Falsehoods and Manipulation Act 2019 (POFMA) to restrict access to online news and publication websites following non-compliance with correction directions.
It is reported that in June 2023, the Minister for Communications and Information directed the Infocomm Media Development Authority (IMDA) to issue access-blocking orders against Asia Sentinel after the website failed to comply with a POFMA correction direction regarding an article published in May 2023. The blocking orders required internet access service providers to disable access to the website for users in Singapore.
In January 2025, the Ministry of Digital Development and Information similarly directed IMDA to block access to East Asia Forum after it failed to comply with a POFMA correction direction. In addition, in November 2025, access-blocking orders were also issued against Malaysia Now following non-compliance with a correction direction, with the Ministry confirming that IMDA had been directed to block access to the website for users in Singapore.

Singapore applies an individual licensing scheme for online news sites under the Online News Licensing Scheme (ONLS), based on the Broadcasting Act 1994 and the Broadcasting (Class Licence) Notification. Online news sites are individually licensed if they report at least one article per week on Singapore news and current affairs over a two-month period and receive at least 50,000 unique IP addresses from Singapore each month over the same period. Once the Infocomm Media Development Authority (IMDA) assesses that a site meets these criteria, it issues a formal notification requiring the site to move to the individual licensing framework. Licensed sites must provide a SGD 50,000 (approx. USD 40,000) performance bond and may be required to remove content that breaches content standards within 24 hours of a regulator's notification.

Singapore applies ex ante licensing requirements for certain digital services. For audiovisual digital services, Art. 8 of the Broadcasting Act 1994 requires licensable broadcasting services provided in or from Singapore to be licensed by the Infocomm Media Development Authority (IMDA), with licence terms and conditions determined by the Authority. On this basis, operators providing internet-transmitted television services, including OTT television and video-on-demand services, in or from Singapore may require a Niche Television Service Licence and must comply with the Content Code for Over-the-Top (OTT), Video-on-Demand (VOD) and Niche Services.

Under Reg. 3 of the Telecommunications (Class Licences) Regulations, the Infocomm Media Development Authority (IMDA) may grant class licences for the provision of services-based telecommunications services. The Services-Based Operations (SBO) licensing framework covers operators that lease telecommunications network elements to provide their own telecommunications services, or resell telecommunications services to third parties. According to IMDA’s Guidelines for Submission of Application for Services-Based Operations Licence, Virtual Private Network (VPN) services are expressly included among the services requiring an SBO (Individual) Licence.

Under the Telecommunications (Dealers) Regulations, Singapore regulates the import of telecommunication equipment. Importers require a Telecommunication Dealer’s Licence issued by the Infocomm Media Development Authority (IMDA), as well as an import permit from Singapore Customs, which must be obtained through TradeNet before the goods arrive in Singapore. The requirement applies to telecommunication equipment generally, including mobile phones and other equipment covered by relevant AHTN/HS codes, and is not limited to HS code 8517.
A Telecommunication Dealer’s Class Licence holder may import registered or approved telecommunication equipment and equipment listed in the First Schedule of the Regulations. A Telecommunication Dealer’s Individual Licence holder may also import non-registered telecommunication equipment for re-export purposes. Under Reg. 11 and the Third Schedule, prohibited telecommunication equipment, including scanning receivers, military communication equipment, telephone voice-changing equipment, certain radio-communication equipment operating in restricted frequency bands, and radio-communication jamming devices, may not be imported unless prior approval is granted by IMDA.

Under the Code of Practice for E-Commerce Services, designated e-commerce service providers must take all reasonably practicable steps to prevent their services from being used for scams and malicious cyber activity offences.
In particular, Section A5 requires service providers to retain all available data relating to accounts that have been, or are suspected of being, used for scams and/or malicious cyber activities. This includes, where available, records identifying the account user(s), transaction or interaction records, activity logs, IP addresses, and metadata. Such data must be retained for at least 90 days to facilitate potential criminal investigations into scams and malicious cyber activities.
The currently designated e-commerce services include Carousell, Facebook Marketplace, Facebook Advertisements, and Facebook Business Pages.

Under Section 11.3, each organisation is required to appoint one or more data protection officers to be responsible for ensuring the organisation’s compliance with the Personal Data Protection Act.

Pursuant to Section 39 of the Criminal Procedure Code, police officers investigating arrestable offences may at any time access and search the data of any computer they suspect has been used in connection with the offence. No warrant or special authorisation is needed. It is reported that the police have seized electronic devices in the course of several investigations over the past few years. Penalties for noncompliance can include a fine of up to SSGD 5,000 (approx. USD 3,700), a six-month jail term, or both.

The Electronic Transactions Act establishes a safe harbour regime for intermediaries for copyright infringements. According to Section 26 of the Act (introduced by the amendment of the Act within the Act 26 of 2012), any network service provider shall not be subject to any civil or criminal liability in respect of “third-party material” in the form of electronic records to which it “merely” provides access. This exemption of liability also extends to liabilities arising from data protection obligations in respect of third-party material under the Personal Data Protection Act 2012.

The Electronic Transactions Act establishes a safe harbour regime for intermediaries beyond copyright infringements. According to Section 26 of the Act (introduced by the amendment of the Act within the Act 26 of 2012), any network service provider shall not be subject to any civil or criminal liability in respect of “third-party material” in the form of electronic records to which it “merely” provides access. This exemption of liability also extends to liabilities arising from data protection obligations in respect of third-party material under the Personal Data Protection Act 2012.