Statute Details
- Title: Personal Data Protection (Do Not Call Registry) Regulations 2013
- Act Code: PDPA2012-S709-2013
- Type: Subsidiary Legislation (SL)
- Authorising Act: Personal Data Protection Act 2012 (Act 26 of 2012), section 65
- Enacting authority (maker): Minister for Communications and Information
- Made date: 21 November 2013
- Citation and commencement: 2 December 2013 (with specified later commencement for certain regulations and the Third Schedule)
- Key Parts: Part I (Preliminary); Part II (Administration of Do Not Call Registers); Part III (Application to check Do Not Call Registers); Part IV (Report on terminated Singapore telephone numbers); Part V (Prescribed duration and period); Part VA (Checkers); Part VI (General)
- Key definitions (Section 2): “No Fax Message Register”, “No Text Message Register”, “No Voice Call Register”, “register”, “specified website” (http://www.dnc.gov.sg), and message/telephone-number concepts
What Is This Legislation About?
The Personal Data Protection (Do Not Call Registry) Regulations 2013 (“DNC Regulations”) operationalise Singapore’s “Do Not Call” framework under the Personal Data Protection Act 2012 (“PDPA”). In plain terms, the Regulations set out the administrative and procedural rules for maintaining and using Singapore’s Do Not Call Registers—namely the registers that list Singapore telephone numbers to which certain categories of unsolicited communications should not be sent.
Unlike the PDPA itself (which establishes the general legal obligations around personal data and marketing communications), the DNC Regulations focus on the mechanics: how subscribers apply to add or remove their numbers, how telecommunications service providers report terminated numbers, how organisations apply to check the registers before sending messages, and how “checkers” (entities that perform checking) must meet requirements. The Regulations also prescribe time periods and fees that make the system workable and enforceable.
For practitioners, the key point is that the DNC Regulations are not merely administrative. They are tightly linked to compliance with the PDPA’s marketing and contact rules. If an organisation must check the relevant register before sending voice calls, text messages, or fax messages, the DNC Regulations define the process and timing for that checking, including the fees and the operational rules for the register itself.
What Are the Key Provisions?
1) Citation, commencement, and scope of application (Regulation 1). The Regulations may be cited as the Personal Data Protection (Do Not Call Registry) Regulations 2013. Most provisions came into operation on 2 December 2013, but regulations 9 and 11 to 17 and the Third Schedule commenced on 2 January 2014. This staged commencement matters when assessing historical compliance obligations—e.g., whether an organisation’s checking obligations or fee-related requirements were already in force at a given time.
2) Core definitions that determine what is “in” the registers (Regulation 2). Section 2 defines the three registers: No Voice Call Register, No Text Message Register, and No Fax Message Register. It also defines what counts as a “specified” communication type (specified fax message, specified text message, specified voice message) and what a “register” means in context (i.e., the relevant one of the three). The Regulations further define “relevant telecommunication service” and “relevant telephone number,” linking the subscriber’s registration application to the telecommunication service to which the number is allocated. Finally, “specified website” is identified as http://www.dnc.gov.sg, which is the Commission’s website for receiving subscriber applications.
Practical effect: These definitions are essential for determining which register an organisation must check. For example, a number listed in the No Text Message Register should not receive specified text messages, while a number in the No Voice Call Register should not receive specified voice calls/video calls. Misclassification can lead to compliance failures even if the organisation otherwise follows a “Do Not Call” policy.
3) Subscriber administration: adding/removing and confirming listings (Regulations 3 to 7). Part II sets out how subscribers interact with the registers. Regulation 3 provides for a subscriber application to add or remove a Singapore telephone number. Regulation 4 addresses the effective date of addition or removal, which is critical for determining when an organisation must stop sending communications to that number. Regulation 5 requires a subscriber confirmation application to confirm listing in the register—this is a safeguard to ensure that the listing is authorised by the subscriber. Regulation 6 covers applications by or on behalf of the subscriber, which is relevant where a subscriber uses an agent or intermediary. Regulation 7 allows for correction or alteration of the register, supporting data accuracy over time.
4) Checking the registers: registration before checking, applications, and fees (Regulations 8 to 10). Part III governs how organisations apply to check the Do Not Call Registers. Regulation 8 requires registration before applying to check the register. Regulation 9 provides for the application to check Do Not Call Registers. Regulation 10 sets out fees. Regulation 11 is deleted in the current version, indicating that some earlier fee or procedural element has been removed or superseded.
Why this matters: In practice, organisations that send marketing communications or other “specified” messages must ensure they have the right authorisation and have completed the required registration steps before checking. The fee provisions also affect budgeting and procurement—particularly for high-volume senders who may need ongoing checking arrangements.
5) Reporting terminated telephone numbers (Part IV: Regulations 12 to 14). Part IV addresses a common operational issue: telephone numbers can be terminated and reallocated. Regulations 12 to 14 require telecommunications service providers to register and submit reports on terminated Singapore telephone numbers, along with prescribed fees. This ensures that the registers remain current and that organisations are not prevented from contacting numbers that are no longer held by the original subscriber.
6) Prescribed duration and period (Part V: Regulations 15 to 17). Part V prescribes time periods for specific PDPA-related provisions (referencing sections 43(2)(a), 43(2)(b), and 47(3) of the Act). While the extract does not reproduce the PDPA text, the structure indicates that the Regulations specify how long certain effects last—such as how long a check remains valid or the duration of certain compliance-related windows.
7) Checkers (Part VA: Regulation 17A). Part VA introduces “checkers” and sets requirements for checkers. This is important where a third party performs the checking function on behalf of organisations. For legal compliance, practitioners should treat checker requirements as a risk-control mechanism: if an organisation relies on a checker, the checker must meet the statutory requirements, and the organisation should ensure contractual and operational alignment with those requirements.
8) General provisions: time and waiver (Part VI: Regulations 18 to 19). Regulation 18 provides rules on time (e.g., how time is computed for applications or actions). Regulation 19 allows for waiver, which can be significant in exceptional circumstances—e.g., where strict compliance with a procedural requirement is impracticable. Practitioners should note that waiver is typically discretionary and may require an application or justification consistent with the Commission’s practice.
How Is This Legislation Structured?
The DNC Regulations are organised into Parts that mirror the lifecycle of the Do Not Call system:
Part I (Preliminary) contains the citation/commencement rule and the foundational definitions in section 2.
Part II (Administration of Do Not Call Registers) covers subscriber-facing processes: adding/removing numbers, confirming listings, authorising applications by or on behalf of subscribers, and correcting register entries.
Part III (Application to check Do Not Call Registers) governs how organisations access the registers: registration to become eligible to check, the mechanics of applying to check, and the fees payable.
Part IV (Report on terminated Singapore telephone numbers) imposes duties on telecommunications service providers to report terminated numbers and sets related fees.
Part V (Prescribed duration and period) specifies time-related parameters linked to PDPA sections.
Part VA (Checkers) sets requirements for third parties that perform checking.
Part VI (General) includes rules on time computation and waiver.
Additionally, there are Schedules that deal with fees: the First Schedule (fees payable by a person), the Second Schedule (advance payment of application fee), and the Third Schedule (fees payable in respect of terminated Singapore telephone numbers).
Who Does This Legislation Apply To?
The DNC Regulations apply to multiple categories of stakeholders in the Do Not Call ecosystem:
Subscribers (individuals or entities holding Singapore telephone numbers) who wish to have their numbers added to or removed from the relevant registers. The Regulations also cover how subscribers may confirm listings and how applications may be made by or on behalf of subscribers.
Telecommunications service providers are required to register and report terminated Singapore telephone numbers. This ensures the registers remain accurate as numbers change hands.
Organisations that need to check the registers (e.g., entities sending specified communications) must register before checking, apply to check, and pay the prescribed fees. Where third parties perform checking, checkers must meet the statutory requirements.
Why Is This Legislation Important?
The DNC Regulations are a practical compliance instrument. For lawyers advising marketing, customer engagement, collections, or telemarketing operations, the Regulations help translate PDPA obligations into operational steps: when and how to check the Do Not Call registers, how to handle subscriber changes, and how to manage the validity of checks over time.
From an enforcement and risk perspective, the Regulations reduce ambiguity. They define the registers and message categories, specify procedural requirements for checking, and create a system for keeping the registers updated through subscriber confirmations and service provider reporting. This matters because compliance failures often arise from process breakdowns—e.g., failing to check the correct register for the communication channel, relying on outdated register data, or using a checker that does not meet statutory requirements.
Finally, the fee and time provisions affect implementation. Organisations must plan for registration, checking workflows, and ongoing compliance costs. The prescribed duration and period provisions (Part V) are particularly important for determining how often checks must be repeated and for defending compliance in disputes about whether a check was “current” at the relevant time.
Related Legislation
- Personal Data Protection Act 2012 (Act 26 of 2012), including sections referenced by the DNC Regulations (e.g., sections 43(2)(a), 43(2)(b), 47(3))
Source Documents
This article provides an overview of the Personal Data Protection (Do Not Call Registry) Regulations 2013 for legal research and educational purposes. It does not constitute legal advice. Readers should consult the official text for authoritative provisions.