What are the key email privacy laws in the APAC region?

Still have a question, spotted an error, or have a better explanation or a source we should cite?

If your list has any APAC subscribers, you're likely dealing with multiple opt-in consent requirements. Unlike CAN-SPAM's opt-out model, most APAC laws require permission before you send.

Australia's Spam Act 2003 is one of the strictest. It requires consent (express or inferred from a business relationship) before sending commercial messages, accurate sender identification, and a working unsubscribe. ACMA (Australian Communications and Media Authority) enforces it actively with significant penalties. Singapore's PDPA (Personal Data Protection Act) requires consent for marketing and makes senders check a national Do Not Call Registry before sending. Japan's Act on Regulation of Transmission of Specified Electronic Mail requires opt-in for most commercial email, with additional provisions for mobile messaging.

India's DPDP Act (Digital Personal Data Protection Act, 2023) creates consent requirements with notice, purpose limitation, and individual rights for personal data processing. South Korea's PIPA (Personal Information Protection Act) requires explicit consent and has strict rules on cross-border data transfers, which can affect how you use ESPs that process data outside Korea.

APAC laws differ in their specifics, but they all lean toward opt-in. The safe practical approach: treat your entire APAC list as requiring consent and don't assume any commercial relationship counts as permission without checking the specific law. Australia and South Korea are the ones most likely to generate enforcement action.

Contributors

Who worked on this answer

Every name links to their profile. Every company links to their site. Real people, real accountability.

Ask an AI · tailored to your setup

Help me figure out which APAC laws apply and what I need to do for my subscribers in those regions.

I read this on the Email Almanac about key email privacy laws in the APAC region. I want to figure out which APAC laws apply to my subscribers and what I need to change. My situation: 1. Do I have subscribers in Australia, Singapore, Japan, India, or South Korea? yes, which ones / no / unsure 2. Do I have explicit consent on file for my APAC subscribers? yes / no / unsure 3. Does my ESP process subscriber data in ways that comply with cross-border data transfer rules? yes / no / unsure 4. Does my unsubscribe mechanism work within the timeframes required by each country? yes / no / unsure 5. Have I had deliverability issues or complaints from APAC recipients? yes / no --- My details: - Email platform/ESP: e.g. Mailchimp, SendGrid, HubSpot - Domain(s): your sending domain - Sending volume to APAC: estimate or percentage - Business type: e-commerce / SaaS / newsletter / B2B

Edit the yellow boxes, then send to the AI of your choice.