Malaysia to call for public feedback in updating PDPA
MALAYSIA is picking up the pace with data privacy and protection.
Recently, its Communications and Multimedia Minister Gobind Singh Deo announced that a series of consultations will be held to discuss possible amendments to the 2010 Personal Data Protection Act (PDPA).
This initiative will be open to the Malaysian public. From February 14 to 28, they will be able to access and provide feedback on this matter via the Ministry’s official web portal.
This is part of the Ministry’s ongoing effort to ensure that the country is keeping up with the rapidly changing digital landscape.
It came as a response to the findings of the Department of Personal Data Protection (JPDP) after they identified gaps between its data laws when compared to those in other ASEAN countries, Japan, South Korea, and the EU.
The JPDP conducted this research last year through the establishment of four task forces, and also through a series of workshops that were attended by industry experts, regulators, government agencies and academics.
“These amendments are important to strengthen personal data in Malaysia, while ensuring the existing law is in line with the revolution of the digital economy, technology, social, and surrounding development. The draft will undergo fine-tuning in March.”
All this, he emphasized, is also timely, considering the country’s digital economy growth and the growing importance of its e-commerce sector.
Some of the proposed issues to be discussed and considered for possible amendments include expanding applications of the law to data processors, making it compulsory for data users to report data breaches to authorities, extending the rights of the data subject and simplifying cross-border personal data transfer.
Now is just as good a time as ever to review the PDPA.
A report recently surveyed 47 countries, and found Malaysia to be in the bottom five in terms of data privacy protection.
There is a need for a more in-depth privacy law that covers all matters: currently, there is only the PDPA in place that protects the personal data of a data subject.
There is also a scarcity of laws that covers more advanced technologies like biometrics and face recognition. This deserves attention as these technologies are now used on a large scale in the country.
Just in the Malaysian National Identity Card, for example, holds biometric data and sensitive information such as bank details and health information.
The PDPA undoubtedly did do some good in safeguarding data privacy.
However, constant revisions are required as technology advances, to ensure that it stays relevant and in pace with changing times.
The Malaysian government’s move to seek public feedback while revising the PDPA is also a commendable one. It is, after all, the people’s data that they are protecting, and it is also the people who, to a large extent, know their data the best.