KINIGUIDE | How do other countries regulate social media?
KINIGUIDE | Malaysia’s new regulatory framework for social media and internet messaging service providers that have at least eight million registered users in the country came into effect on Thursday (Aug 1).
The Malaysian Communications and Multimedia Commission (MCMC) said this is to ensure service providers comply with Malaysian laws to address rising cybercrime, including online fraud, cyberbullying, and sexual crimes against children.
However, Putrajaya’s move to regulate social media is not the first of its kind, as acts and legislation have been introduced in other countries in a bid to tackle such crimes.
In this instalment of KiniGuide, Malaysiakini takes a deep dive into how other countries are regulating social media platforms.
Singapore
While Singapore does not regulate social media providers through licensing rules, the republic has fairly strict laws - the Protection from Online Falsehoods and Manipulation Act (Pofma), Online Safety Act (OSA), as well as Online Criminal Harms Act (Ocha).

Through Pofma, the Singapore government can compel social media sites to either publish corrections or cease publication of content it deems “false”.
Meanwhile, under the OSA, social media platforms are required to “block access to harmful content within hours”.
However, if an online platform refuses to remove harmful content, the Infocomm Media Development Authority (Imda) can order internet service providers to block access to it in Singapore.
Imda is the republic’s regulator for the information, communication, and media sector.
Ocha, which took effect on Feb 1, allows the government to issue directives to restrict and limit Singapore users’ exposure to criminal activities on online platforms.
The Straits Times reported that these orders can be issued to any online service provider, entity, or individual, as long as there is reasonable suspicion that an activity online is linked to a specified offence.
Among the offences include online activities linked to terrorism, internal security, racial and religious harmony, drugs, violence, and scams.
If the directives are not followed, an Ocha order can be issued to restrict access to the service or part of the service to limit further exposure to criminal activity.
United Kingdom
Despite being deemed a controversial law by critics, the UK government passed the Online Safety Act in October 2023.
The government stressed that the act is intended to make online services safer for individuals in the UK, especially children.
According to a report by the Associated Press, the law applies to any internet company, regardless of its location, as long as UK users can access its services.
The platforms will be required to prevent children from accessing content that, while not illegal, could be harmful or inappropriate for their age.
This includes materials related to pornography, bullying, the glorification of eating disorders, or providing instructions for suicide.

The act also criminalises certain online behaviours, such as cyberflashing - which involves sending unsolicited explicit images to someone.
However, the act creates a conflict between the British government and tech companies over encryption technology. It empowers regulators to demand that encrypted messaging services use “accredited technology to scan encrypted messages for terrorist or child sex abuse content”.
Non-compliant companies risk fines of up to £18 million (about RM102 million) or 10 percent of their annual global revenue, whichever is greater.
European Union
The European Union enacted the Digital Services Act in 2022 to better protect EU users from hate speech, disinformation, and other harmful online content.
The landmark legislation prohibits targeting vulnerable categories of people, including children, with advertisements.

The act requires social media platforms to make it easier for users to flag problems and ban online ads aimed at children.
Authorities have warned social media companies that violations could result in fines of up to six percent of their global revenue, which could amount to billions of dollars.
Repeat offenders risk being banned from the EU.
Australia
The Australian government, in 2015, established the Children’s eSafety Commissioner position, under the Enhancing Online Safety for Children Act, to protect children from cyberbullying.
In 2017, the government expanded the position’s scope to cover online safety for all Australians.
The country’s online safety regulator can issue a takedown notice to social media companies to remove harmful online material, or block access to protect Australian users from viewing the said content.
In 2021, the Online Safety Act was passed, expanding the country’s existing online safety laws to keep pace with abusive behaviour and toxic content.
The legislation gives eSafety the power to order social media firms to remove flagged harmful content within 24 hours or face penalties of up to a AU$555,000 (RM1.6 million) fine. Individuals who post said content could be fined up to AU$111,000 (RM325,000).
Indonesia
In 2020, neighbouring Indonesia introduced regulation on Private Electronic System Operators, which requires all tech companies to register for a licence.
The regulation allows government agencies to order companies to remove content on social media that either violates Indonesian law or is considered to “disturb public order”.
Such content needs to be taken down between four hours for urgent requests and 24 hours.
The Indonesian government can also compel companies to reveal communications and personal data of specific users if requested by law enforcement or the authorities.

On July 18, 2022, the republic reportedly threatened to block tech giants such as Meta and Google from the country if they did not register under the licensing rule before the July 20 deadline.
The platforms, however, registered in time to prevent being blocked.
So... what about Malaysia?
Contrary to Deputy Communications Minister Teo Nie Ching’s explanation that Malaysia’s new licensing rules resemble those of Singapore and the UK, they seem to be more closely aligned with Indonesia’s.
As clarified above, Singapore and the UK regulate social media platforms without requiring licensing.
However, in terms of requirements and measures to be implemented by the platforms, it appears Malaysia is mirroring efforts by Australia, the EU, Singapore, and the UK.
The requirements listed by MCMC include:
Protection of user data
Ensure child safety, including restricting any users under the age of 13
Address online harm including cyberbullying, online scams, and sexual grooming
Transparency in advertising and restriction of advertisement scams
Safeguard minors from harmful content and misleading advertisements
Simplify complaint procedures for users, response time
Manage deep fakes and other harmful AI-generated content
Service providers in Malaysia will have until Dec 31 to register for a licence before implementation is enforced on Jan 1, 2025.
The licence is valid for one year from the registration date and service providers need to reapply every year.
Under Section 126 of the Communications and Multimedia Act, providers who fail to get licensed by the deadline can be fined not more than RM500,000, face jail for five years, or both.
They can also be fined RM1,000 for every day or part of a day as long as the offence continues.
Putrajaya’s new social media licensing move has drawn mixed reactions from critics and experts.
On July 28, Deputy Prime Minister Ahmad Zahid Hamidi said the government would shut down unlicensed social media platforms and internet messaging services on Jan 1, 2025.
Following the new regulations, former Bersih chairperson Ambiga Sreenevasan branded the federal government as the “most dictatorial government”.
However, Prime Minister Anwar Ibrahim assured that the licensing scheme would not be used to stifle free speech.



