Online Criminal Harms Bill introduced to enable authorities to deal more effectively with criminal online activities

26 May 2023

On 8 May 2023, the Online Criminal Harms Bill (“Bill”) was tabled for first reading. The Bill introduces levers to enable the authorities to deal more effectively with online activities that are criminal in nature or are used to facilitate or abet crimes, in order to better protect the public in Singapore from various harms in the online space. In addition, the Bill enables the Government to take swift action against criminal activities carried out online and to be proactive in disrupting scams and malicious cyber activities before more victims are harmed.

The Ministry of Home Affairs (“MHA”) has also issued a press release on the Bill. Key features of the Bill are set out below. 

Government Directions against specified criminal offences

The Bill will allow the Government to issue directions to any online service through which criminal activities could be conducted (“Government Directions”). The Government Directions will be applicable to criminal offences specified in the First Schedule of the Bill, such as offences that affect national security, national harmony, and individual safety. Annex A to the press release sets out examples of specified criminal offences in the Bill, including offences relating to terrorism and internal security, offences relating to scams and malicious cyber activities, offences relating to unlawful gambling, and offences relating to illegal moneylending.

Government Directions may be issued when there is reasonable suspicion that an online activity is being carried out to commit a crime. The following Government Directions may be issued depending on the facts of the case:

• Stop Communication Direction: This requires the recipient of the direction to stop communicating specified online content (including substantially similar content) to people in Singapore. The recipients of the direction are persons and entities who communicated such online content.
• Disabling Direction: This requires online service providers to disable specified content (e.g. a post or page) on their service from the view of people in Singapore, which may include identical copies of the content.
• Account Restriction Direction: This requires online service providers to stop an account on their service from communicating in Singapore and/or interacting with people in Singapore, such as by terminating, suspending or restricting functionalities of the service in relation to the account.
• Access Blocking Direction: This requires internet service providers to block access to an online location such as a web domain from the view of people in Singapore.
• App Removal Direction: This requires app stores to remove an app from its Singapore storefront to stop further downloads of the app by people in Singapore. 

Annex B to the press release sets out illustrations on the operation of the Government Directions.

Proactive prevention of scams and malicious cyber activities

The Bill will allow the Government to take a proactive approach to counter the scale and speed achievable by criminal actors in relation to scams and malicious cyber activities in the following ways:

• The Bill will allow Government Directions to be issued when it is suspected that any website, online account, or online activity may be used for scams or malicious cyber activities. Compared to the other specified criminal offences, the lower threshold for taking action enables the Government to disrupt scams and malicious cyber activities before anyone falls prey.
• The Bill will create a framework to strengthen partnership between the authorities and online services to counter scams and malicious cyber activities. Under this framework, the Government can require designated online services to proactively disrupt scams and malicious cyber activities affecting people in Singapore.

This and other requirements will be set out in the form of codes of practice which will be issued by a competent authority, who will be responsible for administering the Online Criminal Harms Act. An officer from the Singapore Police Force will be designated as the competent authority.

Codes of practice and directives

The codes of practice, which may be different depending on the nature of the online service, may require the designated online services to have systems, processes, and measures in place for the purposes of:

• enabling partnerships and sensemaking with the Government to proactively deal with scams and malicious cyber activities;
• preventing scams and malicious cyber activities on the services; and
• supporting the Government’s enforcement actions against such crimes.

If there continues to be a persistent risk of scams or malicious cyber activities on the designated online service despite the codes of practice, the competent authority may issue a directive to the service to implement specific measures to reduce these risks.

Appeal mechanism

Recipients of a Government Direction and originators of the online activity targeted by the Government Direction can appeal to a reviewing tribunal to vary or cancel the Government Direction. The reviewing tribunal will comprise a District Judge or Magistrate appointed by the President, on the advice of the Cabinet.

Designated online services can appeal to the Minister for Home Affairs against decisions by the competent authority relating to codes of practice and directives. 

Reference materials

The following materials are available from the Parliament website www.parliament.gov.sg and the MHA website www.mha.gov.sg:

• Online Criminal Harms Bill 
• Press release: Introduction of the Online Criminal Harms Bill 
• Annex A - Examples of specified criminal offences in the Bill 
• Annex B - Illustration of how Directions work 
• Annex C - Illustrations of scam activities (and why a proactive approach to preventing scams and malicious cyber activities is required)