The Personal Data Protection Act (PDPA) that was passed by the Malaysian parliament in June 2010 is expected to come into force within the year. Previously, information of a personal nature was protected as confidential information through contractual obligations or the common law, save for certain sectors. With the coming enforcement of the PDPA, there will now be a regulatory framework as to how personal data is allowed to be used.
The key objective of the PDPA is to control the processing of personal data by data users in the context of commercial transactions, with the intention of safeguarding the data subject’s interests.