By: Sonny Zulhuda
Now everyone can “fly”! Yes we know that. But when you fly, will your personal information fly away in the sky? That, not everyone knows. This is the simple question that makes the backdrop of my recent paper, to be presented in Singapore’s International Conference of Social Science and Humanities (ICSSH2011) at the end of this month.
The paper is entitled: “Personal Data “Up in the Air” – A Tale of Two Malaysian Airlines in Dealing with Consumers Online Privacy.” It is a joint effort with one of my former students Ms. Maryam Delpisheh.
We know that uncertainties and concerns surrounding the privacy of personal information in Malaysia in the wake of many data abuse incidents had led to the passing of Personal Data Protection Act (PDPA) 2010. In a market where personal data has long been widely traded and unjustifiably exploited, the coming of this law could resemble the arrival of a long-awaited messiah expected to correct the evils and rectify people’s problem in a very immediate manner.
Once the law is in force, a wide range of industries that process personal data of individuals would have to reformulate their entire business processes to comply with the new legal requirements. In order to do that, they will need to perform critical self-assessment to ensure their business practice does not contravene the law and not trigger criminal liabilities.
Against this background, the current paper seeks to analyze how the Malaysian airlines industries – represented by the two biggest players Malaysian Airlines (MAS) and AirAsia – treats consumers’ personal data based on their existing online policies.
The research on this particular sector is very significant for two reasons: firstly, because airlines industry is relatively massive personal data users (especially on their passengers’ data). Secondly, the two companies have now aggressively embarked into online environment which sees them collecting and processing more personal data through their websites and online processing mechanism.
The ultimate goal of this assessment is to see to what extent their existing online privacy policies and practices are in line with the personal data protection principles provided in the PDP Act 2010. Using critical methods of discussion, this paper aims at producing gap analysis and recommendations as to how the industry should improve their privacy policy and make it closer to the legal requirements in protecting consumers’ personal data.
Keywords: E-business; business information management; airline industry; personal data protection; compliance.
TRIBUTE 