By: Sonny Zulhuda
In March, I featured in The Sunday Star (9/3/2014) reporting on the need to establish a “Do not call registry” to protect people’s personal information. The main issue discussed was to scrutinize an initiative to have a DNCR and its operational and legal challenges. The full report can be traced here.
The question that was posed to me was: (1) How good is the idea of DNCR for Malaysian consumers? AND (2) Do you foresee any issues that might arise when they implement this?
Here are my comments:
- The PDPA 2010, unlike Singapore’s law, does neither provide nor mandate specifically about Do Not Call (DNC) registry.
- Nevertheless, DNC registry is an advanced step towards protecting individuals personal data, therefore it is highly commendable. It does require a carefully-structured procedure and rules.
- While the consumers will be the biggest beneficiary, industries will bear a lot of consequences — understandably. Telcos will be the most concerned, and next will be the marketing industries and practically all sectors that practise direct marketing.
- However, difficulties are also there: as telcos may indirectly put the burden on the consumers if they require DNC’s. The best way to do is there must be joint role between telcos, customers and DNC registry operators to help individuals alert and understand how to join the DNCR.
- Question arises as to who operates, manages and processes the DNCR? What safeguards are put in place? How adequate? Does it involve an outsourcing co? Or a cloud service? Etc. I heard in Singapore they were unexpectedly overwhelmed by the huge interest of people in joining the DNCR
- By the way, direct marketing or SMS campaigns etc has not always been caused by individuals or private sectors. Can we ensure the Government sector appreciate the users of DNCR and thus uphold their privacy preferences as well? Would that be ineffective due to the non-applicability of PDPA to Governments? That is certainly another aspect to watch.
Here are some snapshots from the report: