Data Protection Ecosystem for Financial Institution

By: Sonny Zulhuda

Data is asset in today’s interconnected world. With the changing digital lifestyle and emerging digital workplace, managing personal data becomes a key trust factor for organisations.


The digitalisation of process and records, mobile workplace concept, synchronisation of gadgets and data, as well as emergence of smart contract have all contributed to this change.

Internally, managing data serves as a critical assets management. Externally, it becomes a shield of legal compliance as well as a key competitive value in a more increasingly regulated environment.

In many parts of the world, Continue reading “Data Protection Ecosystem for Financial Institution”

Survey on Artificial Intelligence and Ethics

On this page, I’ve listed down some of the references I am gathering of late while surveying about AI, ethics and data protection. Here are some:

  1. Sidi Ahmed, Sidi Mohamed and Zulhuda, Sonny (2019) Data protection challenges in the internet of things era: an assessment of protection offered by PDPA 2010. International Journal of Law, Government and Communication, 4 (17). pp. 1-12, at
  2. Berkman Klein Center for Internet and Society at Harvard University. Ethics and Governance of AI, at
  3. Berkman Klein Center for Internet and Society at Harvard University. Artificial Intelligence in Society, at
  4. OECD, “Report on AI in Society”, Digital Journal 12 June 2019, at
  5. OECD, Artificial Intelligence in Society, Report published on June 11, 2019, at
  6. Draft: A UN System-wide Strategic Approach and Roadmap for Supporting
    Capacity Development on Artificial Intelligence, at
  7. “Artificial Intelligence & Human Rights: Opportunities & Risks,” Berkman Klein Center Research Publication No. 2018-6, at
  8. International Telecommunication Union (ITU), Report on “Artificial Intelligence (AI) for Development Series – Module on Setting the Stage for AI Governance: Interfaces, Infrastructures, and Institutions for Policymakers and Regulators,” July 2018, at
  9. World Economic Forum (WEF), Artificial Intelligence and Robotics, at
  10. Princeton University. Dialogues on AI and Ethics: Case Studies, at

  11. Artificial Intelligence for Global Good, ITU News Magazine 01/2018, at

  12. G20 Ministerial Statement on Trade and Digital Economy (Including on AI), at

  13. SMU Centre for AI and Data Governance (CAIDG), at


Corona Alarm: When Virus Viraling is A Criminal Offence


By: Sonny Zulhuda

Everyone now speaks about this COVID-19, the latest Corona virus epidemic which started in China recently and had now affected over 45,000 people worldwide, and killed more than 1,200 people. People talk about it because it is everyone’s concern. It is about life and death (beyond just economy!).

The problem now is, we have too much information to the extent that it is so hard to identify the truth behind each piece of information. Some of those info may have led to increasing fear and panic. I believe this is not what we want: mixing facts with fiction, then distorting our priorities.

It is interesting to note recently (the past few days) that some penal sanctions were upheld by courts in Malaysia against those who are found to spread fake news or information about COVID-19. Here are some excerpts from one media report (The Star Online, 13 Feb 2020):

“Retiree fined RM5,000 for spreading fake news” Continue reading “Corona Alarm: When Virus Viraling is A Criminal Offence”

Education in the Era of Industrial Revolution 4.0

By: Sonny Zulhuda

Today we welcome the visit by the delegates from Universitas Al-Azhar Indonesia (UAI) Jakarta, Indonesia to IIUM Campus.

IMG-20191024-WA0049.jpgThe Rector of UAI Prof. Dr. Ir. Asep Saefuddin, M.Sc will be delivering his public lecture on “Education in the Era of Industrial Revolution 4.0” at the the Law Faculty Building, International Islamic University Malaysia, Gombak, Selangor.

This event is jointly organised by the IIUM International Office and PPI-IIUM (Indonesian Students Association in IIUM).

The presentation material can now be downloaded here: Education Toward Society 5.0 ASEAN Model_IIUM_25 Oktober 2019

Several Aspects of Regulating Financial Technology (Fintech)

By: Sonny Zulhuda

IMG_20191007_221021_242Minggu ini saya diminta bicara di Seminar International tentang Fintech di 3rd International Conference on Islamic Epistemology (ICIE) 2019 Indonesia di Universitas Al-Azhar Indonesia (UAI) Jakarta, Indonesia.

Di antara key points yang akan saya sampaikan adalah:

1. Fintech (Financial Technology) adalah inovasi yang harus dijaga (bukan malah dihalang-halangi) oleh regulasi.

2. Fintech tidak tumbuh dalam ruang nir-regulasi (legal vacuum) oleh karena itu masih harus taat terhadap aturan main yang ada.

3. Pengaturan Fintech perlu hati-hati, sinergis dan technology-neutral, jika tidak maka regulasi akan kounter produktif dan fintek layu sebelum berkembang.

4. Layaknya mengatur produk-produk teknologi, mengatur fintek perlu memadukan berbagai aspek termasuk norma, pasar, arsitektur dan juga kode/pengaturan.

5. Terakhir, kita perlu awas terhadap ruang-ruang samar (blindspot) dalam pengaturan data fintek.

DOKUMEN PAPARAN/SLIDES bisa diunduh disini ICIE UAI 2019


15705050726624888919158111138120Terimakasih kepada penyelenggara seminar UAI dan IIIT yang telah mengundang saya untuk berbagi.

Beberapa slides dibawah didapati dari presentasi Pembicara kunci dari Otoritas Jasa Keuangan (OJK) Indonesia:


IMG_20191008_102848Nasrun minallah wa fathun qarib. Semoga bermanfaat.

Saatnya Indonesia Memiliki UU Perlindungan Data Pribadi

By: Sonny Zulhuda

jual beli data pribadi4

Ada tiga hal yang memerlukan jawaban kita:

  1. Data Pribadi warga Indonesia semakin terekspos, disalahgunakan, dieksploitasi oleh kerakusan dan ketamakan penggiat Big Data.
  2. Data Pribadi warga Indonesia menjadi bulan-bulanan mereka yang tidak akan berhenti mengeksploitasi sumber dan kekuatan ekonomi Indonesia
  3. Data Pribadi warga Indonesia yang menjadi makanan sehari-hari media sosial, teknologi intrusif dan juga para kriminal yang sewaktu-waktu akan menerkam kita.

Dimana perlindungannya hukumnya? Disinilah signifikansinya UU Perlindungan Data Pribadi (Personal Data Protection Law).

Apa saja sebenarnya yang hendak diatur dan dilindungi dalam UU tersebut? Apa hak-hak individu terhadap datanya sendiri? Apa batasan yang dikenakan bagi mereka yang ingin menggunakan data pribadi orang lain, baik untuk kepentingan bisnis maupun lainnya?

Ini di antara pokok pikiran yang tertuang dalam presentasi saya di Universitas Muhammadiyah Purwokerto, 21 September 2019. Bagi para peserta, silakan mengunduh materi SLIDES disini: >> Hukum Data Pribadi UMP 210919

Dalam Seminar Nasional yang diselenggarakan oleh Fakultas Hukum UM Purwokerto ini, selain saya, ada sahabat saya yang juga akan ikut urun rembuk, yaitu Dr. Iwan Satriawan dari FH UMY dan Mas Bayu Setaiawan, S.H, M.H., dari FH UM Purwokerto. Selain itu juga ada Sdr Teguh Arifiyadi, S.H., M.H.

Semoga kesempatan silaturahim dan urun pikiran ini dapat kita manfaatkan bersama. Terimakasih Bapak Rektor Dr. Anjar Nugroho dan Ibu Dekan Susilo Wardana, SH., SE., M.Hum. atas kesempatan yang diberikan kepada saya.

Nashrun minallah wa fathun qariib.

UMP Seminar

Cryptocurrencies and Anti-money Laundering Laws: The Need for an Integrated Approach

By: Sonny Zulhuda


My latest book chapter co-worked with my colleague Dr Mohd Yazid Zul Kepli who also led the project.

“Cryptocurrencies and Anti-money Laundering Laws: The Need for an Integrated Approach”

This chapter attempts to clarify and describe the legal and regulatory framework for cryptocurrency with special focus on Malaysia and the threats that it poses from the anti-money laundering perspective.

Currently, very few countries have legislations that regulate cryptocurrency. Nonetheless, the crazy surge in prices (to more than 20-folds at some point) has sent both legitimate investors and criminals flocking to cryptocurrencies.

This chapter analyses and compares the official reports from various governments, writings of government officials, experts and scholars in journals and newspapers, interviews and draws conclusions on the legal framework of cryptocurrency, and money laundering challenges.

The study notes that the decision of the US regulators in allowing Bitcoin futures to trade on major exchanges to be one of the reasons behind the sudden surge. The study also finds that the South Korean regulators’ approach in banning its financial institutions from dealing with virtual currency is a positive one.

The chapter stresses that it is not adequate for regulators to warn the public to act with extreme caution and increase their understanding on the risks they take on if they choose to invest in cryptocurrencies. Instead, it is necessary to have comprehensive international and national laws and regulations for the control and management of cryptocurrencies. In addition, the anti-money laundering legal framework must be improved to cater to the new threats posed by cryptocurrency.


Kepli, M. and Zulhuda, S. (2019), “Cryptocurrencies and Anti-money Laundering Laws: The Need for an Integrated Approach”, Oseni, U., Hassan, M. and Hassan, R. (Ed.) Emerging Issues in Islamic Finance Law and Practice in Malaysia, Emerald Publishing Limited, pp. 247-263.