The new data protection law provides a regulatory framework for how personal data is allowed to be used, plus there are changes to industrial property regulations. Azlina Aisyah Khalid and Jason Cheah report.
The Personal Data Protection Act (PDPA) that was passed by the Malaysian parliament in June 2010 is expected to come into force within the year. Previously, information of a personal nature was protected as confidential information through contractual obligations or the common law, save for certain sectors. With the coming enforcement of the PDPA, there will now be a regulatory framework as to how personal data is allowed to be used.
The key objective of the PDPA is to control the processing of personal data by data users in the context of commercial transactions, with the intention of safeguarding the data subject’s interests.
"THE ADOPTION OF A WORLDWIDE NOVELTY STANDARD BRINGS MALAYSIA IN LINE WITH THE PRACTICES OF MOST OTHER JURISDICTIONS, INCLUDING OUR NEIGHBOURS INDONESIA, THE PHILIPPINES, THAILAND AND SINGAPORE."
‘Processing’ has been defined in the PDPA as collecting, recording, holding or storing personal data or carrying out any operation or set of operations on the personal data which can include, among others, the disclosure and alteration of personal data. Personal data processed by an individual for the purpose of personal, family or household affairs, including for recreational purposes, are excluded from the provisions of this act. Interestingly, the federal and state governments are also exempted from the PDPA provisions.
The PDPA has introduced the seven principles of data protection. In addition, the scope of the PDPA will encompass the registration of data users, the creation of a consumer data forum, the establishment of a PDP Commission and the appointment of a PDP Commissioner. A Provident Fund will also be created together with the PDP advisory committee, and appeal tribunal. Procedures on inspection, complaints, investigation and enforcement are also in the pipeline.
The seven PDPA principles
The rest of this article is locked for subscribers only. Please login to continue reading.
If you don't have a login, you will need to purchase a subscription to gain access to this article, including all our online content. Please use this link and follow the steps.
For multi-user price options, or to check if your company has an existing subscription to us that we can add you to for FREE, please email Atif Choudhury at achoudhury@worldipreview.com
personal data, PDPA, Malaysia, MICC
