From Privacy Suit to EU GDPR: Data Protection Updates from Malaysia – As reported in the Borneo Post

By: Sonny Zulhuda

The beginning of the year saw my interview with the Malaysian daily the Borneo Post that was published on 1st January 2019. This interview was initiated by my colleagues from the consultancy firm Straits Interactive. The report was entitled “Malaysians increasingly aware of risks with data breach.” It can be found in this link.

The article started to to note that Malaysians now are more aware about the risks associated with breaches of their personal data. In fact, we in Malaysia have seen in the past five years, that there is a sharp increase in data privacy civil suits in the local Malaysian courts.

Among the points I highlighted in the interview are as follows:

What are the costs of data breaches?

  • The cost of data breaches can be seen in many areas. In terms of legal liabilities, companies in breach of the Malaysian PDP Act 2010 can be fined up to RM500,000 – for offences such as unlawful sale or unlawful collection of personal data, as well as collection of data without the required certificate of registration.
  • And when a data breach occurs, costs can also be incurred through technical repairs and loss of reputation. Business can also suffer because of bad publicity.
  • Civil suits can also be brought against companies, and these can cost businesses a lot of money. Malaysians are becoming increasingly more aware of the risks associated with breaches of their personal data, and we have seen a sharp increase in data privacy civil suits in the local Malaysian courts in the past five years.

Are we prepared? Here is what I said:

  • Unlike companies in the US and Europe, many companies in the Asean have yet to reach an acceptable level of preparedness. Data protection does not tend to be a part of the business culture, however some industries (banking and finance) are more prepared due to legislation and legal requirements.
  • To bolster the understanding and preparedness of other industries, we need more public awareness, training, and certified professionals in the field of data protection.

What are among the common concerns?

  • One major concern in Malaysia is how much our MyKad (ID cards) details are easily and unnecessarily exposed. Many people needlessly impose the collection or retention of MyKad details before people start business communication or interactions, enter premises, or participate in events. Unfortunately, lots of people are happy to submit these details and this gives the impression that these practices are approved and not an issue.
  • Another problem is direct marketing, as well as unsolicited commercial calls, emails and text messages. While it’s clear individuals have the right to refuse direct marketing, it still regularly happens.

What has been prepared?

  • I highlighted that leading consultant like Straits Interactive plays the role to champion a public-private partnership by establishing alliance with academia, industries and the government. This partnership will ensure Malaysia as a nation moves together and responds to data privacy issues with a common understanding and comprehensive programmes.

Does the European Union GDPR (General Data Protection Regulations) have anything to do with the Malaysians?

  • With the passing and enforcement of the EU General Data Protection Regulation (GDPR) in May 2018, Malaysia needs to gear up for these stronger laws and better enforcement.
  • The GDPR applies to companies who also interact with European citizens, and this requires short-term training programmes and certifications in the field of data protection.
  • A collaboration at the regional level is also timely and necessary. We are heading towards that.

Credit on this Interview to the Straits Interactive and the Borneo Post.

Advertisements

Intellectual Property Rights and Open Data in the Digital Environment

By: Sonny Zulhuda

postermaker-1541067967396

A close forum named Focus Group Discussion (FGD) on IPR and Open Data in the Digital Environment was recently held on 9th November 2018 at Al-Nawawi Conference Room, Ahmad Ibrahim Kuliyyah of Law, International Islamic University Malaysia (IIUM). The event was involving two universities from two countries which are the International Islamic University Malaysia (IIUM) and Universitas Padjadjaran (UNPAD), Indonesia.

In his welcoming remarks, the Dean of Ahmad Ibrahim Kuliyyah of Laws, Prof. Dato’ Sri Dr. Ashgar Ali Ali Mohamed extended his gratitude and warm welcome to the delegations from UNPAD. He believed that this two-way discussion should be conducted more regularly in promoting the intellectual discourse between two countries. In a reciprocal gesture, Prof Dr H Ahmad M. Ramli from the Faculty of Law, UNPAD in his keynote address appreciated the initiative by IIUM in conducting this group discussion.

This FGD was part of the research work under the Fundamental Research Grant Scheme, funded by the Ministry of Education, Malaysia. The group discussion was divided into 4 sessions, involving 11 speakers altogether; 7 from UNPAD and 4 from IIUM. Here are some excerpts:

Session 1: IPR Between Tradition and Innovation Continue reading

“Right to be Forgotten” in Indonesian Data Protection Law (A Focus Group Discussion with BINUS University)

By: Sonny Zulhuda

This report is based on what has been written on BINUS Website in the original Indonesian version. The Focus Group Discussion took place on 11th August 2018 in Kuala Lumpur. The participants were Prof. Dr. Shidarta, Prof. Dr. Bambang Pratama, and Reinhard Christian Surya from BINUS Law School, Jakarta and myself. The main topic was on the the right to be forgotten.

I reckoned in that meeting that the regulation on right to be forgotten as introduced in the latest 2016 amendment to the Indonesian e-transactions laws (namely UU ITE in Indonesian) was a drastic development bearing in mind that there is still no comprehensive legislation in Indonesia dealing with the protection of personal data which is now increasingly becoming a new global norm. In my view, Indonesia should first settle with the currently ongoing debate on the draft bill of the Personal Data Protection law.

Right to be forgotten is indeed a sub-set of many rights relating to personal data processing of an individuals. In many laws, this right to be forgotten is interchangeably discussed with the right to data deletion.

fgd binus 2018

In Malaysia this right is impliedly given because it mandates every data user (those who process personal data of individuals) to ensure data are deleted when they are no longer necessarily required. Similar provisions can be found in the laws of other countries such as UK, Hong Kong and Singapore. In Indonesia, there is still no law (Undang-undang) which defines and lays down similar requirements.

In its Indonesian report, the Website continues to note: Continue reading

Survey on E-commerce Laws and Policies

Compiled by Sonny Zulhuda

17471ECMIn 2017, the World Economic Forum issued some reports relating to the recent development of e-commerce laws and policies. The report is entitled “Making Deals in Cyberspace: What’s the Problem?”

This White Paper aims to build the knowledge of current e-transaction and e-signature rules. It evaluates how these apply in national and international commercial contexts, and bridges perspectives from business, legal experts and trade policy-makers to deepen understanding on potential trade policy interventions that could boost regulatory coherence. The paper contributes to a World Economic Forum public-private dialogue series on best practices in e-commerce policy as part of a broader digital trade programme.

The Report can be found here.

Later in 2018, another report by the WEF also enlightens us on an emerging issue related to e-commerce law. Entitled “Addressing E-Payment Challenges in Global E-Commerce,” the WEF highlights that technology has altered the way consumers interact with payment systems. The Internet, digitization, shifting consumer preferences and, in some cases, regulatory reform have accelerated the uptake and use of electronic payments (e-payments). In turn, e-payments have contributed to the growth of e-commerce, making it practical and possible. However, while the digital world is theoretically borderless, national and regional boundaries have not gone away. Restrictions on the international supply, use and availability of e-payment services are among the challenges to global e-commerce.

This white paper informs discussion on e-payment challenges and solutions. It provides brief context on the e-payment ecosystem, the opportunities the sector presents for small business and financial inclusion and the payment-related hurdles faced by small players dealing digitally across borders. Given that trade frameworks can address international commercial frictions and support e-payment development, the paper enhances understanding of relevant efforts to date, and reflects on what else could be done.

Find this report here.

Hoax in the Era of Industry 4.0

By: Sonny Zulhuda

We have those usual greeting lines every morning such as ‘How are you today?’ or ‘Have you had a breakfast?’

What about these lines: ‘Have you received any hoax today?’ Or worse.. ‘Have you spread any hoax today?’ …. 

7E3A8212Yes. Like it or not, hoax is now inseparable from our life. Just before I spoke in the Saturday ASEAN Youth Conference 2018 in IIUM on this topic, I received ‘news’ that Obike Malaysia stopped its business in Malaysia – which is not true!

The spreading of hoax, though existed since time immemorial, is now extremely rampant due to the advanced technology and the abundance of data around us. It seems that the bandwidth and connectivity was so good that data can even be sent before we think of sending it!

I called this as an excess of data inflation, which leads to information euphoria of a kind. Certainly we have ability of more data gathering, but somehow less on data intelligence. Owning and using a smart phone does not necessarily make us a smart person though.

With such a mishandling, information may become a disinformation, mal-information or even a misinformation. The convergence of information technology and big data have led to a “disrupted society”. A once connected and interconnected society is now “over-connected”, borrowing the phrase from William’s Davidow’s book “Overconnected”.

pacu-teknologi-manufaktur-kemenperin-bersinergi-dengan-startup-B0wBut, what makes sharing hoaxes is so appealing? Partisanship, Naivety, dramatisation, identity and self-actualisation can be the reason behind it.

  • Partisanship: sending hoax (despite the fakeness) conforms to the sender’s existing beliefs;
  • Identity: the act of sending such material proclaims one’s taste and affiliation;
  • Dramatisation: the fear factor that urges people to spread a hoax such as fear of life, fear of detachment, fear of sin, fear of social evils, fear of deseases, etc;
  • Naivety: deceived by all that glitters;
  • Self actualisation: such as the pride of one being the “most informed person”.

Unfortunately, no matter how good or genuine someone’s intention is, sending hoax is not cool. It can even land you on legal troubles. So, let’s not take it for granted. Something must be done. Everyone can be part of it.

It is worth-remembering that in 2005, the World Summit on the Information Society (WSIS) came up with this Declaration of Principles: Building the Information Society, which sets the philosophical and ethical foundations for the global users of the information technology, that:

  • The Information Society should respect peace and uphold the fundamental values of freedom, equality, solidarity, tolerance, shared responsibility, and respect for nature.
  • We acknowledge the importance of ethics for the Information Society, which should foster justice, and the dignity and worth of the human person. Emphasis on the role of family in society.
  • The use of ICTs and content creation should respect human rights and fundamental freedoms of others, including personal privacy, and the right to freedom of thought, conscience, and religion.
  • All actors in the Information Society should take appropriate actions and preventive measures, as determined by law, against abusive uses of ICTs.

I also took this opportunity to remind the audience of the Prophet Muhammad-guided information governance that has been taught as a legacy to us:

  • Info Dissemination: The prophet PBUH emphasised on accuracy and clarity
  • Info Gathering: He assigned specialist to gather espionage
  • Info Management: He appointed secretaries among the trusted and skilled companions
  • Info Confidentiality: He classified info on warfare, critical project e.g. Hijra, names of munafiqun
  • Respect to Privacy: He prohibited private surveillance
  • Info Authenticity: He used a special seal for correspondence
  • Info Verification: He always emphasised on the need of Tabayyun (i.e. verifying the source of information)

what to do when you suspect a fake news or hoax?

This chart from the Singapore’s National Library Board page may help.

FAKE chart

(Excerpt from my keynote: “IR 4.0 and the Inflation of Information: Issues and Challenges”)

#IR40 #Hoax #fakenews #control #information #AYC2018 #PPIMalaysia

The Fourth Industrial Revolution and the Inflation of Information: Issues and Challenges

From the event of the ASEAN YOUTH CONFERENCE (AYC) 2018, at the International Islamic University Malaysia, 22 September 2018.

IMG_20180922_102647.jpg

IMG_20180922_102630.jpg

IMG_20180922_103448.jpg

I will be delivering a keynote under the above topic. For my presentation SLIDES, please click: The Fourth Industrial Revolution and the Inflation of.

IR 4.0: A Note on ICT for Educators (in Indonesian)

By: Sonny Zulhuda

UIN Palembang

This was an excerpt of my keynote (in Indonesian) on IR 4.0: ICT UNTUK PARA PENDIDIK (Ethical Use of ICT for Educators and Teachers). Delivered in Universitas Islam Negeri (UIN) Raden Fatah, Palembang on 18th September 2018.

Kemajuan teknologi hari ini membawa kita kepada fenomena Revolusi Industri ke-4 dimana globalisasi, komputerisasi dan otomasi tersinergi dengan manusia, objek dan juga data. Keadaan ini menciptakan berbagai peluang disruptif di segala bidang dan profesi, termasuk proses pendidikan dan pengajaran.

Para pendidik dan guru tidak bisa duduk tenang. Ingat Tuan Stephen Elop ketika menutup tirai perusahaan Nokia dengan mata basah menyampaikan, “Kami di Nokia tidak melakukan kesalahan (dalam berbisnis), namun nyatanya, kami tersingkir.”

Kenapa begitu? Karena Nokia saat itu duduk tenang dan merasa semuanya baik-baik saja. Tanpa disadarinya, tampuk niaga sudah direbut oleh pemain-pemain baru seperti Samsung dan Siemen. Nokia ‘lengah’ dalam berinovasi, lalai untuk berkompetisi.

Dalam kesempatan keynote speech di Fakultas Tarbiyah, Prodi PGMI, UIN Raden Fatah Palembang, di depan 800-an calon guru masa depan, aku berpesan hal yang sama: mari kita lihat sekeliling.

Kenali anak didik kita, selami dunianya. Dekati permainannya, masuki media sosialnya. Manfaatkan teknologi informasi sebaik2nya. “Para guru dan pendidik tidak boleh lengah dalam berinovasi, atau lalai untuk berkompetisi!”

UIN Palembang2

Sitting alongside other keynote speakers: Dr Mardiah Astuti of UIN Palembang and Prof. Dr. Sabine Brombach from the Ostfalia University, Germany.

Palembang, 18 September 2018.

  • July 2019
    M T W T F S S
    « Jun    
    1234567
    891011121314
    15161718192021
    22232425262728
    293031  
  • Visitor

    free counters

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,630 other followers