By: Sonny Zulhuda
In the week that passed I spoke in one national seminar on Personal Data Protection Act that took place in the The Ritz Carlton Kuala Lumpur, July 21, 2010. The audience came from various industries including banks, regulators, insurance, medical services, investment as well as legal firms.
My session that went between 12.00 -01.00 pm focused on the Rights of Individuals as Data Subjects under the newly-passed Personal Data Protection Act 2010 of Malaysia. Those rights of data subjects were provided in Part Two, division 4, sections 30-44. In short, those rights can be enlisted as follows:
- Right to access
- Right to correct data
- Right to withdraw consent for data processing
- Right on sensitive data
- Right to prevent distress/damage
- Right to prevent direct marketing
The session was ended with discussing some prominent issues that confronted individuals such as issues of workplace monitoring, junk mail/spam, data theft, and pictures taken at public places. One important message (of many) that I discussed with audience was that, in order to achieve better implementation of law, organizations should see and manage it using the perspective of individuals, not merely that of the organisation; because in organisations, their people (employers, employees, business partners) are all data subjects too.