AI training safe harbour: lawfully accessed content may be used for AI model training, text and data mining and similar purposes without constituting copyright infringement.

Section 244 of the Copyright Act 2021 ("Computational Data Analysis") provides an explicit safe harbour for the use of training data for AI. "Lawfully accessed" means content obtained through normal channels — subscriptions, purchases, legitimate APIs, public web pages and so on. This makes Singapore one of the jurisdictions with the clearest stated position on AI training and copyright globally, and is a core reason EDB has been able to attract OpenAI, Anthropic, DeepMind and similar institutions.

Clarifies IPOS's position on authorship of AI-generated content: copyright can be asserted only where a human has made a substantive creative contribution.

"When Code Creates" is IPOS's 2024 official position paper on copyright authorship in the era of generative AI. Core position: fully AI-generated output with no substantive human creative input does not qualify as a "work" under copyright law; but where a human makes substantive creative choices (prompt design, output curation, iterative refinement), that human can claim authorship. This diverges from the UK's 1988 "computer-generated works without an author" model and aligns more closely with the US Copyright Office position.

A unified toolkit for online criminal harms — covers AI-generated scams, extortion and intimidation.

Passed in 2023, OCHA gives police and prosecutors a unified toolkit for governing online criminal harms. It is particularly relevant in the AI era: AI-generated scam messages, deepfake extortion content and automated harassment can all be addressed through governance orders, takedowns, access restrictions and payment-blocking under OCHA. The Act is the foundational layer of Singapore's output-side AI governance — not AI-specific, but most AI-enabled criminal conduct falls within its scope.

Bans deepfakes during elections: prohibits publishing "misleading, AI-generated content that purports to depict candidates' statements or conduct".

A 2024 amendment to the Elections Act targeting deepfakes specifically. Core clause: during the campaign period (from issuance of the writ of election to polling day) it is unlawful to publish "misleading, AI-generated, deepfake content purporting to represent statements or conduct of candidates". Anyone who publishes, shares or funds such content commits an offence. During the campaign window the authorities may issue corrective directions requiring platforms to take down content, block access or display correction statements. This is among the earliest targeted election-deepfake laws in the world, ahead of the corresponding provisions in the EU AI Act.

Criminalises AI-generated intimate imagery and child sexual exploitation material — production, possession and distribution are all prosecutable.

The 2025 Criminal Law amendments expressly bring AI-generated intimate imagery (nudity, sexual imagery) and child sexual exploitation material into the criminal code. Notable innovations: (1) even where the "person" in the image is fictitious (AI-generated rather than a real individual), the offence still applies if the depicted person appears to be a minor; (2) production, possession and distribution all constitute offences; (3) aggravated penalties apply to deepfake intimate imagery targeting identifiable individuals. The amendment closes the legal gap for the new category of "AI-generated non-existent persons".

Fast-track victim relief plus platform accountability — AI-abuse complaints must be acted on within 24 hours.

The 2025 Online Safety Act focuses on victim relief and platform accountability: (1) victims may file complaints with the Online Safety Commission (OSC), which platforms must act on within 24 hours; (2) platforms that fail to comply face significant fines; (3) AI-generated defamation, harassment and sexual imagery all fall within scope. This marks a key step in Singapore's output-side governance shifting from after-the-fact punishment to in-process accountability.

Lawyers and litigants bear ultimate responsibility for legal documents prepared with AI assistance and must disclose any AI use.

The Supreme Court of Singapore's Registrar's Circular No. 1 of 2024 applies across the entire court system. Three principles: (1) lawyers and litigants bear ultimate responsibility for all content submitted to court, whether or not AI was used; (2) legal documents prepared with the assistance of generative AI must disclose that AI was used; (3) cited cases and legal provisions must be verified by a human (to prevent the risk of AI fabricating precedent). This represents a pragmatic judicial posture toward AI tools — not banning use, but holding human responsibility non-transferable.

Formal supervisory expectations for AI model risk management in financial services — among the first dedicated banking-AI regulations globally.

MAS has codified the experience accumulated through FEAT (2018) → Veritas (2021) → MindForge (2024) into a formal set of supervisory expectations. Coverage spans model governance, third-party AI risk, model monitoring, human-in-the-loop, and incident response and accountability. The companion BuildFin.ai platform allows regulated institutions to continuously test and report. This is among the first dedicated banking-AI regulations in the world, landing earlier than the financial services provisions of the EU AI Act.

Best practices for AI system security across the full lifecycle — filling a gap in AI security governance.

Issued by CSA in October 2024, the guidelines cover the full AI system lifecycle: threat modelling at the planning and design stage, data and model security during development, security testing at deployment, and monitoring and incident response in operations. Particular focus is given to AI-specific risks such as adversarial attacks, data poisoning, model theft and supply-chain security. A 2025 companion paper, "Securing Agentic AI", extends the framework to agentic AI use cases.

Sets the legal perimeter for personal data in AI — the Business Improvement Exception leaves room for AI training.

Enacted in 2012 and substantially amended in 2020 to add AI-relevant provisions. The most important changes for the AI era: (1) the Business Improvement Exception — allowing personal data to be used to improve products and services, including AI training, without user consent, subject to a reasonableness test; (2) the right to data portability; (3) strengthened enforcement and penalties. Together with Copyright Act §244, the PDPA forms the dual legal foundation for the use of training data for AI in Singapore.