Privacy Policy in Corporate Practices

By: Sonny Zulhuda

Today my MBA students presented their assessment on privacy policy. This is a practical session for them to see how the principles of personal data protection are being put in in real life corporate conduct. They form a group and choose company of their own in order to look at their privacy policy as stated in their official websites.

The session was very informative and interactive, in which students were to highlight in summary what those companies do in general and what they do with personal information. Then they presented their assessment, examining how good the privacy policy is prescribed, and how well it is compliant with the principles of personal data protection law.

Among the interesting findings that they presented were: Continue reading

Advertisements

Data Protection Principles under PDP Law

By: Sonny Zulhuda

Understanding data protection principles is crucial to (re)formulate the business processes. For companies and organisations that in any way involve the use and exploitation of personal data of their employees, customers (actual and potential) and business partners, series of actions need to be taken to comply with the legal regime on data protection.

In Malaysia, this is particularly a cause of concern nowadays as the new law on personal data protection clearly requires data users to take certain actions.

Laid in the main body of the law is the prescription of data protection principles from which stemming all the rights, duties and liabilities of each of data user and data subject (Note: ‘data user’ is those who use, collect, process, etc. the personal data that belong to certain individuals. Those individual are called ‘data subject’).

In Personal Data Protection Bill that was recently passed by Malaysian Lower House of Representatives, the principles of personal data protection is laid down in Part II, sections 5-12. Continue reading

Credit Reporting Agencies (CRA) are NOT covered by PDP Act 2010

By: Sonny Zulhuda

Much have been said and written in the past two days regarding the passing of the Personal Data Protection (PDP) Act by the Dewan Rakyat on Monday this week. Of those hypes and hits, the name CTOS has been among the top, even days and months before the lawmakers finally okays the law.

Not less than parliament members from both sides (ruling and oppositions) as well as the Minister in charge of the law had indicated that with the birth of this Act, people’s suffering and distress due to the alleged misuse of their data by credit reporting agencies (also known as credit rating agency), such as CTOS (Credit Tip-Off Service Sdn Bhd) will see the end.

So happy ending, or is it? I do not think so. And I think this is a mistake, which is unfortunately echoed by the press and media.

Continue reading

Personal Data Protection Bill passed by Malaysian Parliament

By: Sonny Zulhuda

It is official now, that the long-awaited personal data protection (PDP) Bill had been passed by the Malaysian House of Representative (Dewan Rakyat). I personally attended the debate that was held yesterday, Monday, 5 April 2010 in the Dewan Rakyat. I am particularly glad that I could make it to the Parliament to watch the passing of the Bill that had filled much of my research time since I was doing my Masters dissertation on PDP law back in 2000.

The debate that took place between 17.00 hrs-19.30 hrs was to me more than just a formality of legislative process. MPs from both sides took turn to present their views, experiences, concerns and arguments on many aspects of the law. Some took even lengthy time to establish their points, citing a number of provision of the Bill.

Continue reading

  • April 2010
    M T W T F S S
    « Mar   May »
     1234
    567891011
    12131415161718
    19202122232425
    2627282930  
  • Visitor

    free counters

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,582 other followers