Singapore operates a structured and proactive online safety regime, characterised by sector-specific regulation rather than a single, horizontal platform liability statute. Child protection online is primarily driven through broadcasting and media regulation, backed by strong enforcement powers and clear expectations regarding age-restricted content. While Singapore does not prescribe a single approved age-verification method, age assurance is an established risk-mitigation control for any service exposing users to adult or harmful material.
The Infocomm Media Development Authority (IMDA) oversees this landscape, regulating social media, video-sharing, and app distribution services under the Broadcasting Act and subsidiary legislation. IMDA can require access controls on age-restricted content, issue binding directions to platforms, and impose financial penalties for non-compliance. IMDA’s approach focuses on platform accountability and effective safeguards rather than mandating user identification or a single technical solution.
Codes of Practice and App-Store Gatekeeping
Singapore’s framework was significantly strengthened by the Online Safety (Miscellaneous Amendments) Act, which introduced binding Codes of Practice for Online Safety for designated online communication services. These Codes require platforms to mitigate children’s exposure to harmful content, provide user-reporting and parental controls, and implement effective access controls where risks are foreseeable.
On 31 March 2025, the Code of Practice for App Distribution Services took effect. This Code requires designated app stores to act as gatekeepers by implementing age-assurance controls, including methods more robust than self-declaration where risk warrants, such as device-level controls, account verification mechanisms, or privacy-preserving age-assurance solutions to prevent minors from accessing age-restricted apps or games. The Code applies to designated app distribution services and reinforces distribution platforms as key enforcement checkpoints.
Age-Restricted Content and Outcome-Based Compliance
Under Singapore’s content classification framework, explicit sexual content and pornography must be inaccessible to minors. IMDA emphasises outcome-based compliance: platforms must demonstrate that safeguards effectively prevent underage access in practice. Simple self-declared age is insufficient where foreseeable risks exist. This outcome-based standard places the burden on providers to demonstrate real-world effectiveness, rather than mere policy compliance.
Singapore remains technology-neutral: regulators do not mandate a specific verification method, but providers must select controls proportionate to risk and capable of withstanding regulatory scrutiny.
Social Media Protection and Emerging Age Limits
Singapore does not currently impose a universal statutory minimum age for all social media use. However, designated services face heightened duties toward child users, including enforcing their own minimum-age policies, reducing children’s exposure to harmful content, and providing parental supervision tools.
Officials have indicated they are monitoring regional developments, including international proposals and regional developments related to minimum social-media age thresholds.[i]
Data Protection and Privacy (PDPA)
The Personal Data Protection Act (PDPA) provides the baseline for personal-data processing, including children’s data. It does not set a fixed digital age of consent but relies on meaningful consent and the individual’s capacity to understand the context.
For age-assurance systems, this requires data minimisation, proportionality, and strict safeguards for identity or biometric data. Age-verification data must not be repurposed for profiling or advertising, reinforcing Singapore’s expectation of privacy-preserving safety controls. Singapore’s privacy framework reinforces the use of privacy-enhancing technologies, purpose limitation, and strong safeguards when age-assurance solutions process sensitive data.
Enforcement and Global Convergence
IMDA has a wide enforcement toolkit, including:
- Financial penalties of up to S$1 million or 10 % of annual turnover (for designated services)
- Binding remedial directions
- Access-blocking orders
Singapore’s regime aligns with international “safety-by-design” principles and proactive platform responsibility, reflecting regulatory approaches emerging in the United Kingdom, European Union, Australia, and other jurisdictions.
[i] https://insightplus.bakermckenzie.com/bm/technology-media-telecommunications_1/singapore-government-currently-assessing-age-assurance-obligations-for-social-media-services