Introduction to AI, Cyber Law and Cybersecurity in Malaysia

By: Sonny Zulhuda

This beautiful weekend, members of Majlis Penasihat Undang-undang Universiti Awam (MPUU-UA) will convene in Kuching, Sarawak (pic – credit to link). Such a meeting would be a precious opportunity for sharing and networking. But to all participants, it also means to learn, unlearn or relearn. I am looking forward very eagerly to being part of this exciting group of brains and souls. To have this meeting in this Borneo city makes the experience even sweeter I believe.

In my inaugural meeting as part of the IIUM Office of the Legal Adviser (OLA), I am honoured to also share my perspective on the above topic: AI, Cyber Law and Cybersecurity, more especially in the Malaysian context.

In sixty minutes, I plan to share the meaning and nature of AI, the emerging legal issues surrounding AI, the legal and policy initiatives on AI from foreign and local frontiers in Malaysia, as well as the overview of cyber law development in Malaysia.

I share some emerging legal issues surrounding Artificial Intelligence, among others:

1. Agency in Contract – AI has been used to manage commercial transactions, starting from pre-sales, sales, and post-sales. Concerns arise over the status of the agency of AI substituting human agency.
2. Privacy & Security – with a bulk of information being stored and processed by AI, questions arise on the fair processing rules: consent, minimization, security, and non-human decision-making.
3. Consumer Protection – when more accidents are caused by AI, who will be responsible for compensating the victims? If the AI falls under the high-risk system, has the risk assessment been complied with properly? Then, are people adequately informed about all those risks and other necessary information?
4. Algorithmic Biases – biases are the biggest enemy of AI. Have the AI developers and deployers considered the bias risks? When AI is used in a non-developer country, have the programmes been adjusted to suit the local circumstances and to avoid localized biases?
5. Control & Responsibility – of all the risks and potential liabilities above, who will assume responsibility in the case of default? Has there been a clear allocation of liabilities between Developers, Deployers, Users, and End-users?

Towards the end, I will also talk about the development of cyber law in Malaysia. Cyberlaw has evolved in Malaysia since the early 1990s. It is now still developing, and growing stronger and faster. In my presentation, I will show the chronological development of such law and policy-making in Malaysia. InshaAllah.