Legal and Industrial Frameworks on Data Management

By: Sonny Zulhuda

At the closing week of year 2009, I’ll present my paper entitled: ‘Corroborative Intersection between Information Security Standards and the Legal Framework on Data Management’ at the Second International Conference on Computer ad Electrical Engineering (ICCEE 2009), 28-30 December 2009, Dubai, United Arab Emirates. The conference is organized by IEEE and IACSIT, both are renowned international associations for the electronic, computer and IT industry professionals. having gone through review and recommendations, over 200 papers will be presented at the two-day parallel sessions, discussing various aspects of computer and electronic industries. My paper talks about legal and industrial frameworks. I am looking forward to meeting the participants in person and having some networking sessions.

Here is the abstract:

This paper examines the intersection between the industrial standards and the legal framework in defining the scope of information security obligations in relation to the management of data and information assets. It undertakes two primary tasks; namely assessing the scope of legal compliance as stated in the internationally-accepted information security standards, in particular the Information Security Management Standards (ISMS); and identifying the legal trends adopted by laws in major jurisdictions, especially the UK and the US. It found that the intersection between the standards and the law is crucial and corroborative; one is found to compliment the other.

Some more snapshots and briefs will come soon.

Personal Data Protection (PDP) Bill 2009

By: Sonny Zulhuda

This November 2009 is marked with the tabling of a long-awaited law in the Parliament of Malaysia: the Personal Data Protection (PDP) Bill 2009. The complete draft can be obtained from the Parliament’s Website. Professor Abu Bakar Munir from University of Malaya has shared with us his views on the overview of the law. My further comments will also follow in due course.

This is a good news for Malaysian public. The days full with series of unsolicited calls and mails from marketers may in the near future be counted. We hope for the best to come out from this legislative exercise. Good luck MPs!

Note: for a related law on credit reporting agencies, you can check another draft Bill on Credit Reporting Agencies Bill from the Parliament’s website.

A Brief Note on Malaysia’s Payment Systems Act 2003

By: Sonny Zulhuda


Malaysia regards electronic commerce as a powerful driver for the national development and economic growth. This belief has be reinforced by the setting up of national policies and laws seeking to ensure that processes, tools and technologies are put in place to facilitate the electronic commerce. Among those laws is the Payment Systems Act (‘PSA’) 2003 (Act 627) which came into force on 1st November 2003). It is a principal legislation which provides for the framework for the regulation and supervision of the payment systems and payment instrument in Malaysia.

When anticipating the birth of this law, the Central Bank Governor emphasized that the study on the legal and regulatory framework was undertaken to enhance the efficiency of payment system and to specifically provide the mandate to the Central Bank of Malaysia to effectively oversee and facilitate greater development of such system in the country.

Continue reading “A Brief Note on Malaysia’s Payment Systems Act 2003”