Lecture on Personal Data Protection Principles under the Malaysian Law

By: Sonny Zulhuda

I delivered this lecture for MBA students at the Faculty of Management, Multimedia University (MMU), Cyberjaya, Malaysia. The invitation came from my good friend Dr. Bahma Sivasubramaniam of the FOM, MMU.

The lecture lasted for one and a half hour, where I emphasised on the scope and interpretation of the Personal Data Protection principles under sections 5-12 of the Malaysian Personal Data Protection Act 2010 (Act 709).

The last half an hour was a discussion. It was an active discussion, questions kept coming and coming 🙂 The questions show how well the students follow the issues and reflecting recent concerns. The points raised among others are the following:

  1. If there is a security breach in a data user’s premise caused by an external hacker, will they be responsible under the PDPA 2010?
  2. Can a health centre use my data (as a patient) for their research activity without my consent?
  3. What are the situations where personal data may be used without consent, but is done for the purpose of a “public interest”? What are those “public interest”?
  4. What happens with the recent review of the law by the government? Is it ready?
  5. Will the amendment of the law make it obligatory for Malaysian data users to have a DPO (Data Protection Officer)?

I thank Dr. Bahma Sivasubramaniam for inviting me and the Dean of FOM, MMU ie Dr. Mohd Fairuz Bin Abd Rahim for joining the lecture. I did have a short and pleasant conversation with the Dean. My best wishes for him and all the team in FOM, MMU. As I notified, it was a home-coming for me! 🙂

The slides I used for this class can be downloaded here. (Note, they will not last long here, sorry.)

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s