September 26, 2009


Imagine this situation. Normally, when you book the flight’s ticket, you always will give your personal data such as National Registration Identity Card (NRIC) numbers, full name, address, and passport number to the flight’s company. All these information are your data privacy. Let’s say, the flight’s company uses this personal data for other purpose without asks your permission. It is has any legal action that you can takes against that company? Actually, it is very hard for you to take any legal action because in Malaysia there is no clear provision that govern on this issue. Can you imagine what will happen to you if the personal data that you give for other purpose had been use for something else without asks your permission but you do not have any right to take any legal action because no reference has been made to the existing law, neither any examination made to see if any relevant legal protection may be afforded to protect the personal data of individuals.

Based on the article “Poor privacy protection in Malaysia, says Privacy International” (, Malaysia scored miserably in the international ranking on privacy for 2007. In the International Privacy Ranking released on 28 December 2007, Malaysia shared the last spot with China and Russia and categorised as “endemic surveillance societies”. Malaysia’s poor record in privacy protection was said to be because of the absence of right to privacy in the constitution and other laws. The Centre for Independent Journalism executive director Gayathry Venkiteswaran said there is generally very little appreciation for privacy and data protection in Malaysia, and individual information is easily available to the authorities and other parties. She also said that individual information is not protected and can be use virtually by anyone for any purpose, but the authorities protect public interest information such as development deals, concessionaire agreements and consultancy agreements secret under the Official Secrets Act.

To protect personal data, Malaysia prepared the draft legislation in 1998, but it has yet to be tabled in Parliament. There are several reasons that make it necessary to have legislation to regulate this aspect. Among the reasons are (“Protection of Online Privacy & Its Impact on E-Commerce” by Hurriyah El Islamy):

1. The ability of technology to gather, retrieve, disseminate and manipulate personal data has given rise to concerns that the privacy of the individuals can be easily compromised and abused.

2. Security and privacy are often cited as some of the main reasons for the slow growth of electronic transactions.

3. The legislation may promote e-commerce in the country, as the availability of legal protection of personal data will encourage the consumers to transact online.

4. Having legislation is necessary for some countries to counter the effect of regulation that gives room for activities that may amount to privacy intrusion, such as unwarranted police wiretapping or corporate abuse of information.

5. There is a need to respond to legislative developments in other parts of the world in order to lift the data-sharing restriction imposed by several states’ legislation.

6. The last reason is one of main concerns to many countries in disregard of the countries’ preference of the method to regulate the flow of information over the Internet.

Most of the countries have been enacted the statues related to data protection in order to protect personal data against misuse by irresponsible parties. Therefore, with statues that governs personal data (i.e. Data Protection Act) we have the right to take any legal action, if anything happen to our personal data. Besides that, the protection to personal data is also important to provide safeguards against abuse of some provisions that permit the commission of some acts that would otherwise amount to invasion of data privacy. In example, section 79 of the Digital Signatures Act 1997 provides that a police officer conducting a search with or without warrant (in accordance with sections 77 and 79 respectively) shall be given access to computerised data whether stored in a computer or otherwise (s. 79(1)). Without the availability of legal provision that provides protection to personal data, these provisions and any other provision of similar nature can easily be abused. To protect from all these happen, we need legal provision on this issue.

In conclusion, in Malaysia our personal data is not protected because there is no clear provision that govern our personal data. Therefore, the Parliament should pass the Bill of Personal Data Protection to ensure our personal data will be protected.


N.HIDAYAT said...

huh sorry, but i really disappointed to read that our country had listed as one of the country which had a poor privacy protection! we had developed so much in our country but sadly, we left out one of the most important provision...

something must be done, we cannot wait for another general election for the data protection act to be pass...

dont u think so

hidayat- computer evidence


don't worry dayat..
insyallah, after Parliament pass the Bill of Data Protection, the situation will be different; our personal data will protected under this law..

records management said...

I heard the bill passed, I was wondering if things are different for you now these days. Data protection is without a doubt a basic right we all deserve as I do hope that it is being reinforced in your country...

silk dupioni said...

I think that data protection is very important. We have to secure our data because plenty of data are hacking online everyday.