Personal Data Protection Act 2010: Taking the First Steps towards Compliance

Akta Perlindungan Data Peribadi 2010: Mengambil Langkah Awal ke arah Pematuhan

Authors

  • Farah Mohd Shahwahid KUIS
  • Surianom Miskam KUIS

Keywords:

Personal Data Protection Act 2010, Personal Data, Data User, Data Subject, Compliance

Abstract

With the coming into force of the Personal Data Protection Act 2010 (PDPA 2010) on 15 November 2013, business entities (data users) are now obligated to comply with the principles of data protection enshrined in the Act. The aim of PDPA 2010 is to ensure that personal data of consumers (data subjects) that are collected, stored and used by the data user is being handled in the correct manner. The Act contains seven principles of data collection in line with data protection legislations worldwide. This study aims to discover whether the provisions of PDPA have been complied with by the data users. This will be done by looking at the provisions from the Act regarding the principles of data protection as well as the duties for compliance to the legislation. Furthermore, the privacy policy from selected data user business entities from selected industries are examined. The study also seeks to discover what are the barriers that need to be overcome in implementing PDPA 2010 successfully.

Dengan berkuat kuasanya Akta Perlindungan Data Peribadi 2010 pada 15 November 2013, semua entity perniagaan (pengguna data) diwajibkan mematuhi prinsip-prinsip berkaitan perlindungan data yang terkandung dalam Akta tersebut. Objektif utama Akta ini adalah untuk memastikan bahawa segala data peribadi orang awam (subjek data) yang dikumpul, disimpan dan digunakan oleh pengguna data dalam aktiviti komersial dikendalikan mengikut prosedur yang ditetapkan. 7 prinsip perlindungan data peribadi yang digubal selari dengan perundangan perlindungan data yang digunapakai di seluruh dunia. Kajian ini akan melihat kepada pematuhan pengguna data kepada peruntukan-peruntukan yang terkandung dalam Akta ini dengan melihat kepada peruntukan-peruntukan berkaitan dalam Akta berkenaan prinsip-prinsip perlindungan data dan tanggungjawab pengguna data terhadap pematuhan Akta ini. Di samping itu, polisi privasi data peribadi beberapa entiti perniagaan yang tertakluk kepada Akta ini akan dikaji untuk melihat sejauhmana mereka mematuhi kehendak Akta ini. Kajian juga cuba mengenalpasti apakah halangan yang perlu di atasi untuk memastikan Akta ini dapat dikuatkuasakan dengan berkesan.

Downloads

Download data is not yet available.

References

Businesses in the dark over PDPA, retrieved from: http://www.thestar.com.my/News/Nation/2014/02/02/Businesses-in-the-dark-over-the- PDPA/, accessed on 20 April 2014.

Comply with Act or face action, data users warned, retrieved from: http://www.thestar.com.my/News/Nation/2014/02/02/Comply-with-Act-or-faceaction-data-users-warned/, accessed on 24 April 2014.

Data Protection Act gazzetted effective today, retrieved from: http://www.themalaymailonline.com/malaysia/article/data-protection-act-gazettedeffective-today, 15 November 2013 accessed on 11 May 2014.

Data users must register with Personal Data Protection Dept by Feb 15, retrieved from: http://www.thestar.com.my/News/Nation/2014/02/06/Data-protection-Feb15/, accessed on 2 May 2014.

http://celcom.com.my, retrieved on 2 May 2014.

http://pdp.gov.my, retrieved on 2 May 2014.

http://www.maybank2u.com.my, retrieved on 2 May 2014.

http://www.tm.com.my, retrieved on 4 May 2014.

Greenleaf, Graham, Sheherezade and the 101 data privacy laws: Origins, significance and global trajectories, September 10, 2013, Journal of Law, Information & Science, 2013 UNSW Law Research Paper No. 2013-40.

Munir, A. B. (2010). The Personal Data Protection Bill 2009, Malayan Law Journal Articles [2010] 1 MLJ cxix.

Munir, AB. (2012). Personal Data Protection Act: Doing Well by Doing Good, Malayan Law Journal Articles [2012] 1 MLJ lxxxiii.

Protecting Your Personal Data, retrieved from http://www.thestar.com.my/News/Nation/2012/02/12/Protecting-your-personal-data/, accessed on 24 April 2014.

NUBE: Bank staff forced to give up their personal info, retrieved from: http://www.thestar.com.my/News/Nation/2014/02/02/Nube-Bank-staff-forced-to-giveup-their-personal-info/ accessed on 2 May 2014.

Website of Foong Cheng Loong (advocate & Solicitor) Legal Articles on Intellectual Property, Social Media, Data Privacy, Franchise and Others retrieved from: http://foongchengleong.com/2013/11/enforcement-of-the-personal-data-protection-act- 2010-4/ accessed on 24 April 2014.

Yong, P. K. (2009). Privacy and Personal Data Protection In The Malaysian Communications Sector -- Existing In A Void? Malayan Law Journal Articles [2009] 5 MLJ ciii.

You can’t call me anymore, retrieved from: http://www.thestar.com.my/News/Nation/2014/03/09/You-cant-call-me-any-more/, accessed on 2 May 2014.

Your data is your own, retrieved from: http://www.thestar.com.my/News/Nation/2014/02/02/Your-data-is-your-own-Checkbefore-giving-your-consent-says-PDP-commissioner/, accessed on 24 April 2014.

Downloads

Published

2015-11-16

Issue

Vol. 5 No. 2 (2015): Journal of Management & Muamalah

Section

Articles

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

How to Cite

Personal Data Protection Act 2010: Taking the First Steps towards Compliance: Akta Perlindungan Data Peribadi 2010: Mengambil Langkah Awal ke arah Pematuhan. (2015). Journal of Management and Muamalah , 5(2), 64-75. https://www.jmm.uis.edu.my.kuisjournal.com/index.php/jurnal/article/view/87

Similar Articles

31-40 of 117

You may also start an advanced similarity search for this article.