On January 14, 2013, Singapore passed an amendment to the Computer Misuse Act (now renamed the Computer Misuse and Cybersecurity Act), which provided the government with additional authorities to prevent, detect and counter cyber attacks on critical infrastructure. Key aspects of this law include the ability of the government to direct a person or organization to take specific steps – including exercising certain powers under the criminal procedure code — with respect to preventing, detecting, or countering a cyber threat where the threat relates to certain types of critical infrastructure. Such broad authority could encompass directing companies to conduct “pre-emptive” strikes or other measures prior to the onset of an imminent cyber attack. Importantly, the law confers immunity from any civil or criminal liability resulting from fulfilling an obligation under the law, but also provides for criminal penalties for failing to comply.
We are glad to feature a summary of the changes to the Computer Misuse Act on our blog, written by Chia Ling Koh of ATMD Bird & Bird LLP. Koh is located in ATMD’s Singapore office.
In addition, you may be interested in our prior article on the Legal Issues with Emerging Active Defense Security Technologies, please click here.
The views and opinions expressed in the summary of the changes to the Computer Misuse Act are solely those of the author. They are not necessarily representative of the views of Alston & Bird LLP or ATMD Bird & Bird. The materials on this blog and the summary of the Computer Misuse Act are provided for informational purposes only and do not constitute legal advice. Please contact any member of the Alston & Bird’s Privacy & Security team if you are seeking legal advice.
Written by Kimberly Peretti, Partner, Security Incident Management & Response Team | Alston & Bird LLP