Internet & Online Safety · Singapore
Online safety & content laws in Singapore (2026)
Singapore shaded by its internet & online safety status
Singapore has a comprehensive, layered online-safety regime administered chiefly by the Info-communications Media Development Authority (IMDA), backed by several statutes covering harmful content, criminal online harms, online falsehoods, and a new victim-redress framework. The Broadcasting Act's Online Safety provisions (in force since 1 Feb 2023) empower IMDA to issue Codes of Practice and content directions to designated social media and app-distribution services, while age-assurance obligations on app stores take effect from 1 April 2026. The Online Safety (Relief and Accountability) Act 2025 establishes an Online Safety Commission and direct victim claims against platforms, commencing 29 June 2026.
Key points
The Online Safety (Miscellaneous Amendments) Act took effect 1 Feb 2023, adding online-safety provisions to the Broadcasting Act 1994 that let IMDA direct online communication services accessible in Singapore to disable access to or block egregious harmful content (e.g. child sexual abuse, terrorism, suicide/self-harm material).
From July 2023 IMDA's Code requires designated social media services (Facebook, Instagram, TikTok, X, YouTube, HardwareZone) to mitigate six categories of harmful content and protect minors; IMDA publishes periodic Online Safety Assessment Reports on their compliance.
Under the Code of Practice for App Distribution Services (effective 31 March 2025, s.45L Broadcasting Act), designated app stores (Apple, Google, Huawei, Samsung, Microsoft) must implement age-assurance; from 1 April 2026 they must block under-18s from age-inappropriate apps and under-12s from social apps, using methods such as facial age estimation, Singpass/government ID or credit-card data.
Partially in force since 1 Feb 2024, OCHA lets designated officers issue five types of directions (stop-communication, disabling, access-blocking, account-restriction, app-removal) to online services on reasonable suspicion that content furthers a specified offence, with a lower threshold for scams and malicious cyber activity.
POFMA, in force since 2 Oct 2019 and administered by the POFMA Office within IMDA, lets ministers issue correction and account-restriction directions against false statements of fact communicated in Singapore; non-compliance carries fines and imprisonment.
The Online Safety (Relief and Accountability) Act 2025 (passed 5 Nov 2025) creates an Online Safety Commission and statutory torts; from 29 June 2026 victims of harms such as harassment, intimate-image abuse, doxxing and online stalking can obtain rapid relief and claim directly against communicators, administrators and platforms.
Timeline - major decisions & events
Designated app distribution services — Apple App Store, Google Play Store, Huawei App Gallery, Microsoft Store and Samsung Galaxy Store — must implement age assurance measures that prevent users under 18 from accessing and downloading age-inappropriate apps. This is the most concrete age-verification requirement yet in Singapore's online safety architecture.
IMDA ↗Key provisions of the 2024 amendment take effect, extending CII obligations to cloud-hosted and virtual systems, mandating 2-hour reporting of suspected APT incidents, and requiring disclosure of supply-chain cyber incidents. This modernises critical infrastructure protection for cloud-era architectures.
Cyber Security Agency of Singapore ↗Parliament passed amendments to the Cybersecurity Act ensuring CII owners remain legally accountable for cybersecurity even when relying on third-party cloud or outsourced infrastructure, and expanding incident-reporting requirements to include supply-chain events — a direct response to cloud adoption risks.
Singapore Statutes Online ↗The OCHA (passed July 2023) entered force, empowering the police and MHA to issue directions to online services to disable or restrict content facilitating scams and malicious cyber activities targeting Singapore users, with blocking orders available against non-compliant platforms — creating a law-enforcement-led complement to IMDA's content-safety regime.
Ministry of Home Affairs ↗IMDA designated Facebook, HardwareZone, Instagram, TikTok, X and YouTube under its Online Safety Code, requiring them to implement systems-and-processes measures to curb sexual, violent, self-harm, cyberbullying and other harmful content for Singapore users, with mandatory annual compliance reports — the first binding obligations on major social media platforms in Singapore.
IMDA ↗This Act (gazetted December 2022) inserted a new Part into the Broadcasting Act establishing IMDA's powers to designate Online Communication Services and compel compliance with Codes of Practice on harmful content, providing the statutory basis for the social-media and app-store codes that followed.
Ministry of Digital Development and Information ↗POFMA empowers ministers to issue Correction Directions and Targeted Correction Directions to individuals and platforms that spread deliberate falsehoods of public interest; non-compliance triggers blocking orders. Enacted in May 2019 following the Select Committee's recommendations, it is Singapore's most-invoked and most-litigated online-speech law.
Singapore Statutes Online ↗Singapore's first standalone cybersecurity statute established the Commissioner of Cybersecurity, a licensing regime for cybersecurity service providers, and mandatory CII owner obligations to report incidents, conduct audits and comply with directions — elevating cybersecurity from administrative policy to legally enforceable national obligation.
Cyber Security Agency of Singapore ↗Parliament convened a Special Select Committee to examine the causes, consequences and countermeasures for deliberate online falsehoods; its September 2018 report unanimously recommended new legislation, directly triggering the drafting of POFMA and marking the pivot from self-regulation to statute for online speech.
Parliament of Singapore ↗Singapore's first comprehensive data-protection law established the Personal Data Protection Commission, created the Do Not Call registry, and set binding rules on collection, use and disclosure of personal data — providing the privacy-rights foundation that underpins online safety and data-handling obligations across the digital economy.
Singapore Statutes Online ↗The Singapore Broadcasting Authority issued the Internet Code of Practice — the first formal content-regulation instrument for the internet — requiring ISPs and Internet Content Providers to prohibit content threatening public order, national security or racial/religious harmony. It established the class-licence model that remains the structural template for subsequent online-content rules.
IMDA (formerly Singapore Broadcasting Authority) ↗Singapore's foundational cybercrime statute criminalised unauthorised computer access, modification of computer material and interception of computer services. Repeatedly amended (including a 2017 expansion to cover cyber-attacks on critical infrastructure), it remains the primary instrument for prosecuting individual online offences and complements every subsequent online-safety law.
Singapore Statutes Online ↗Singapore - other topics
Last verified 5/23/2026 · Orientation, not legal advice - verify against the primary sources linked above. Explore the full world map →