Consumers receiving pesky marketing messages on instant chat apps such as WeChat, Telegram and iMessage will soon have greater protection as the authorities seek to plug a legislative gap.
Current privacy rules do not address unwanted marketing messages received on these apps, as the chat platforms do not identify users by their phone numbers, but by identifiers or chat names chosen by them.
Now privacy watchdog Personal Data Protection Commission wants to allow consumers to also block unwanted messages on these instant chat platforms - as part of larger goals to ensure that Singapore does not become a spam haven.
It has proposed a new Act to do so, and is inviting feedback in a public consultation exercise launched yesterday.
The yet-to-be-named Act, if passed, will incorporate existing Do Not Call (DNC) rules - rolled out in January 2014 as part of the Personal Data Protection Act (PDPA) - and the Spam Control Act, in force since 2007.
The commission said in its consultation documents: "It is necessary to review the DNC provisions and the Spam Control Act to ensure they remain relevant and effective."
The DNC rules will remain largely unchanged. For instance, telemarketers who contact phone numbers listed in the DNC registry of people who do not wish to receive telemarketing calls, SMSes and faxes risk a fine of up to $10,000 for each offence. But the scope of the Spam Control Act will be expanded beyond e-mail and SMS to include bulk messaging on instant chat platforms.
Civil action may continue to be taken by affected individuals or organisations against spammers under the revised rules.
The commission will investigate and impose fines on DNC rule breakers, instead of taking them to court as criminal cases. Affected individuals and organisations can take rule breakers to court if they wish to.
The proposed new Act also seeks to streamline the differing demands of the DNC and the Spam Control Act, which have confused businesses.
For instance, under the DNC rules, marketers have up to 30 calendar days to stop contacting consumers when told to do so. But the new rules plan to reduce the window to 10 business days, to be consistent with the Spam Control Act.
In another example, the use of dictionary attacks and address harvesting software is prohibited under the Spam Control Act, but such use is not covered under the DNC rules.
Dictionary attack is a way of generating electronic addresses by combining names, letters, numbers, punctuation marks or symbols into numerous permutations. Address harvesting software allows marketers to cull contact details from the Internet.
The new Act aims to prohibit the use of such tools for sending messages to all phone numbers, instant messaging apps and e-mail addresses.
The proposed changes are in line with similar approaches in Hong Kong and Britain, said the commission.
They come amid increasing use of instant chat apps to send marketing messages.
Popular message app WhatsApp is covered by existing rules as it requires SMS verification through a user's phone number, unlike other chat apps .
The commission said the PDPA will continue to be in force, offering baseline protection for the collection and use of personal data here.
Ms Lisa Watson, chairman of the Direct Marketing Association of Singapore, said: " With technology advances, many businesses may not be clear about what best practice is in these circumstances, so we believe more clarity is a good thing."