By: Sonny Zulhuda
Nope, this is not (yet) a ready paper. It’s an ongoing research that I am now conducting, funded by an internal research grant. It takes as the background the revolutionary growth of the information and communications technology and its use in the storing, processing and disseminating personal information.
We all know that such phenomenon (ICT+data processing) has unveiled one huge challenge in the form of identity theft. Described as unlawful acquisitions of personal data that belongs to others, identity theft incidents are reported in Malaysian media on regular basis. The lost, stolen or compromised personal data has not become an incident of its own. Rather, it provides “ammunitions” for further action such as credit cards forgery or impersonated bank accounts that are used as a platform for further crimes.
Recently local newspapers had flooded us with news on these, such as these:
Malaysians have lost RM4mil through phishing (identity fraud) within the first three months of the year alone. There were 457 cases recorded in the first quarter of the year, exceeding the 353 reported for the whole of last year where the victims lost a total of RM1.2mil. In 2009, only 75 cases were reported with total losses of around RM215,000. Federal Commercial Crime Investigations Department director Commissioner Datuk Syed Ismail Syed Azizan said the number of cases reported this year had reached a record high with authorities and the banking industry being almost powerless to curb it. (Click here for the report)
“Bank Negara warns of phishing email”
Bank Negara Malaysia (BNM) has warned of an email aimed at deceiving members of the public into disclosing their personal banking details. A statement issued by the central bank Thursday said the email, which claims to be from Bank Negara, urges people to update their account details through a provided hyperlink. “Intended victims receive emails purportedly from BNM, informing them that BNM is collecting personal banking information to update its database. They will be prompted to either click on a link or reply to the email directly. Once the victim clicks on the link provided in the email, they are directed to a fake website requesting disclosure of personal financial details such as credit or debit cards details including card code verification or other personal identification numbers (PIN),” the statement said. (Click here for the report)
Well well… is law of any help? I could see many shaking heads or raised eyebrows there 😉 Though the trend of the statistics (*yawn*) on identity theft is going up from time to time, it hardly ends up in the hands of prosecution. This incapability of the law has been largely credited to the absence of the specific law on identity theft.
Be that as it may, this situation is expected to improve. The recent enactment of Personal Data Protection Act 2010 (Act 709) seems to trigger a new hope to end the problems of identity theft in Malaysia. Or does it? This proposed research attempts to investigate and find the answers by analyzing the provisions of the new Act in the light of the identity theft problems…
That’s so far what I can share… the work is in progress, insyaAllah..