That Nexus between the Digital Economy, Cyber Security and Data Privacy

By: Sonny Zulhuda

Let us first define it. Digital Economy is “the worldwide network of economic activities, commercial transactions and professional interactions that are enabled by information and communications technologies” (Techtarget). It involves all the economic activity that “results from billions of everyday online connections among people, businesses, devices, data, and processes, with the interconnectedness of people, organisations, and machines” (Deloitte). This interconnection, says Deloitte, results from the Internet, mobile technology and the internet of things (IoT) is deemed a backbone.

Indeed, behind this digital economy revolution is the massive use, sharing and exploitation of data in an intensified new level of Volume, Velocity, Variety, Variability, Veracity, Visualization, and Value; a.k.a Big Data. With this big data, we have moved from automation to digitization and now to a datafication.

“Datafication” is the process of quantifying all information around us: our location, movement, communications, usage of devices, etc. which will allow us to use such information in new ways, such as in predictive analysis. This will help us further to unlock the implicit, latent value of the information. I remember using this term for the first time in my publication in 2015:

S. Zulhuda, I.M. Abdul Ghani Azmi, N. Hakiem. 2015. “Big Data, Cloud and Bring Your Own Device: How the Data Protection Law Addresses the Impact of Datafication.” Advanced Science Letters 21 (10), 3346-3350.

Commenting further on this topic, it is worthy to look at the report issued by the World Bank in 2018: “World Bank Group. 2018. Malaysia’s Digital Economy: A New Driver of Development. World Bank, Washington, DC. © World Bank.”

It highlights some findings which led to the writing of this article: What needs to be done?

It says that “businesses in Malaysia have adopted digital technologies less readily than the government and population.” This actually means that our businesses in Malaysia have not seemingly optimised their exploitation of the digital economy and thus are late in reaping the benefits it carries for us. The digital divide in Malaysia has had some share of blame here. The World Bank report says that due to the digital divide, Malaysia lags behind international peers in digital adoption by businesses. It points out that only 62% of businesses are connected to the Internet, 46% has fixed broadband and 18% have a web presence.

So in this topic that I had presented it in a Workshop on Digital Economy at the Malaysia’s Public Administration Institute recently I pointed out the primary key barriers to the digital economy in Malaysia, especially those relate to the cyber security and data privacy and governance.

We have to recognise that it is crucial to create a dynamic ecosystem for the digital economy to improve the infrastructure, regulations, skills and public finance. Furthermore, we need to increase the volume and adoption of digital transactions and the use of digital cash. At the moment we are in, this will certainly require an overhauling of regulations and more protection of consumer comfort.

It is interesting that the World Bank Report highlighted a timely ongoing tensions between data protection and its legitimate use for commercial purposes as part of the area to improve in Malaysia. This come side by side with the issue of the lack of data sharing in Malaysian public and private sectors, an issue often cautiously approached due to security concerns.

Where to go from here?

There are few areas worthy of concerns and improvement relating to the data security and privacy issues. I concluded it in the following:

Eliminating Barrier #1: Creating a dynamic Regulatory ecosystem for the digital economy

Strengthening Electronic Commerce Law by upholding the legality of e-Contract, digital transaction, mobile communications, and smart contracts. The legitimate usage of e-contract and e-evidence depends on the integrity and retrievability of the data [s.8 of E-Commerce Act 2006]. See: Yam Kong Seng & Anor v Yee Weng Kai [2014] 4 MLJ 478. We also need to ensure the legal recognition of electronic payment system and Financial Technology (FinTech) services and products. Otherwise, this agile sector will be suffering from a legal uncertainty and it is a nightmare for any industry or business.

Eliminating Barrier #2: Stronger Consumer Protection in the digital Economy

Furthermore, we should always promote the consumer protection law in this country which is capable of giving some (if not minimum) guarantee that their legal interests are duly protected by our law. It is good to note that our Consumer Protection Act law is now applicable to any transactions made or pursued online or electronically. This is a good news for our e-commerce sector.

As we know, the Consumer Protection Law protects consumers against manufacturing defect, design defect and marketing defect. There are also provisions against unfair terms, i.e. terms which cause a significant imbalance in the rights and obligations of the parties arising under the contract to the detriment of the consumer (CPA 1999 sec. 24A).

This will lead to ensuring that our businesses adopt consumer-friendly e-commerce websites. Both the consumer protection law and personal data protection law will have a role in that. A fair set of terms should be set for the e-commerce consumers as mandated by the CPA 1999. Besides, clear and transparent terms relating to the rights of consumers to their personal information will have to be provided by businesses by virtue of the PDPA 2010.

Eliminating Barrier #3: Personal Data Protection and Its “Legitimate Use”

Personal data processing is now regulated in two primary legislations, namely the Personal Data Protection Act 2010 [Act 709] and the Credit Reporting Agencies Act 2010 [Act 710]. On top of that, the common law principles against breach of privacy and breach of confidentiality would still play an important role in ensuring data governance in Malaysia. As what amounts to the “legitimate use”, we shall see the gist of the PDPA 2010 on the seven principles of the personal data protection laid down in sections 5-12 of the Act. I had mentioned the details of this in other parts in my blog.

Eliminating Barrier #4: Data Security for A Sustainable Digital Economy

This criminal law plays a very important role for the improvement of our digital economy too. It is both critical and timely to have laws that criminalise the acts of compromising data security, because data security is now the need for everyone. Thus acts such as illegal intrusion, system sabotage, data breaches etc. will be met by sanctions and punishment. Any potential offender can be arguably deterred by the prospect of getting criminal sanctions.

These are, I think, what can be done to further promote and enhance of digital economy, especially here by rectifying the risks that may harm the nexus between the digital economy, cyber security and data privacy.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s