By: Sonny Zulhuda
It is official now, that the long-awaited personal data protection (PDP) Bill had been passed by the Malaysian House of Representative (Dewan Rakyat). I personally attended the debate that was held yesterday, Monday, 5 April 2010 in the Dewan Rakyat. I am particularly glad that I could make it to the Parliament to watch the passing of the Bill that had filled much of my research time since I was doing my Masters dissertation on PDP law back in 2000.
The debate that took place between 17.00 hrs-19.30 hrs was to me more than just a formality of legislative process. MPs from both sides took turn to present their views, experiences, concerns and arguments on many aspects of the law. Some took even lengthy time to establish their points, citing a number of provision of the Bill.
From opposition point of view, despite their agreement in principle for the need of such law, there are some few concerns raised, mainly:
- On the applicability of the law, they argue it should extend the application to the biggest data pool in the country, i.e. the Government (The law in section 3 excludes Federal & State Govts. from its application).
- Argument that the Commissioner should be answerable to Parliament instead of Minister.
- That the law provides too wide exemptions. One MP cited that this is not in line with the international standard as found in the EU Directive. (The latter only provides 3 exemptions).
- That time frame should be prescribed on certain obligations such as the retention period.
The ruling side maintains that the Government should be excluded from the application due to certain necessity that was not so elaborated though. Or maybe I just did not get what the argument was. But obviously I think this is the policy that has been opted by the Government. Or perhaps we can be assured that there are other laws or rules in place that would control the misuse of of personal data at the Government agencies.
The argument that PDP Commissioner should be answerable to Parliament was refuted on the basis that such manner would be a distortion from the established doctrine of separation of powers that is adopted by the Malaysian constitution.
Though not all the issues were elaborately responded or discussed, the Parliament finally went on to the voting and, as expected, majority of the attending MPs were in favour of the Bill. I could hear one or two people said ‘tidak’ (‘no’) when the Yang Dipertua Dewan Rakyat asked the MPs of their agreement to pass the Bill.
The Bill was finally passed without any change. The Bill draft can be downloaded from the Parliament website (see the link provided in my previous entry)
The debate ended with big smile in many faces. But, as some MPs were concerned, left some questions on the efficiency of its implementation in future. Well, let them and the government work it out and make the law a real gift for the people who have suffered enough for the abuse of their own personal data.