Yes, scraping public data in Singapore is generally permissible, but strict compliance with local laws is required. Public data lacks copyright protection under the Singapore Copyright Act, yet scraping must not breach contractual terms, data protection provisions, or circumvent technical barriers. The Personal Data Protection Commission (PDPC) and Infocomm Media Development Authority (IMDA) enforce these rules, with 2026 amendments tightening restrictions on automated data collection.
Key Regulations for Scraping Public Data in Singapore
- Personal Data Protection Act (PDPA) 2024 Amendments: Automated scraping that collects personal data without consent violates PDPA unless exempt under Section 4(2). Organizations must conduct Data Protection Impact Assessments (DPIAs) for high-risk scraping activities.
- Computer Misuse Act (CMA): Bypassing technical protection measures (e.g., CAPTCHAs, IP blocking) to scrape data constitutes an offense under Section 3(1) of the CMA, punishable by up to 10 years’ imprisonment.
- Terms of Service (ToS) and Robots.txt: Violating platform-specific ToS or ignoring
robots.txtdirectives may lead to legal action under contract law or Section 19 of the Electronic Transactions Act (ETA) for unauthorized access.
Scraping anonymized or non-personal public data remains low-risk, but organizations must document compliance with PDPA’s accountability principle. The PDPC’s 2025 advisory emphasizes transparency, requiring entities to disclose scraping purposes and data retention periods. Failure to adhere risks fines up to S$1 million under PDPA or criminal liability under CMA.