From Brussels: The Islamic Legal Conceptions of Privacy

By: Sonny Zulhuda

IMG_20190130_094243Last week (1st February 2019) I concluded the International Conference on Privacy and Data Protection (CPDP2019) in the heart of Europe, City of Brussels. It is organised by a consortium of primary European universities, supported by global companies, and endorsed by the European Union institutions.

It’s the 12th edition of this annual global event on privacy & data protection. 3 days of fascinating and thought-provoking talks, speeches and discussions. Thank you @CPDPconferences for inviting me as a speaker on privacy in Islam.

Thanks to @darahallinan who initiated this panel for the first time. Entitled “Islamic Legal Conceptions of Privacy.” The idea is to understand how privacy is actually a universal value adopted by wide and global communities and traditions.

Being the first speaker, I first introduced that for every Muslim, Islam is the way of life and provides a comprehensive guidelines for both private and public interactions.

Then I spoke mainly on the evidences from the Quran (as the primary source of Islamic law) which provide basis of privacy right and how to implement it in life, starting from early childhood: they should ask parent’s permission before entering their private rooms at three specific times in a day.

I highlighted how important it is to respect others’ dignity by not transgressing their rights, not spying on them, not backbiting, not ridiculing them, and not calling them by undesired labelling/tagging.

Muslims are told to get mutual consent when affecting others’ rights, to record agreements, to enter their houses upon prior consent, and to leave if asked to. Not less importantly a command to investigate information received (verification and authentication).

Those are exactly the rights pertinent to privacy and data protection nowadays.

At the end, I noted that 1. Islam calls for peace, justice and harmony; 2. Privacy is one of important rights to be preserved; and 3. At all time, Muslims will be accountable to God, Society and oneself.

And not forgetting I also shared some updates on the privacy laws and Personal Data Protection laws in both Indonesia and Malaysia. Some good news here and there.

Thank You Chair, moderator and fellow panelists Prof Andrew Adams (Japan), Prof Elizabeth Coombs (Malta), Nighat Dad (Pakistan), Lahoussine Aniss (Marocco), and Patrick Penninckx (EU) for making it a beautiful panel. Looking forward to connecting further. Thank you @CPDPconferences.

#PrivacyinIslam #CPDP2019 #Brussels #Malaysia #Indonesia #PDPA

Advertisements

From Privacy Suit to EU GDPR: Data Protection Updates from Malaysia – As reported in the Borneo Post

By: Sonny Zulhuda

The beginning of the year saw my interview with the Malaysian daily the Borneo Post that was published on 1st January 2019. This interview was initiated by my colleagues from the consultancy firm Straits Interactive. The report was entitled “Malaysians increasingly aware of risks with data breach.” It can be found in this link.

The article started to to note that Malaysians now are more aware about the risks associated with breaches of their personal data. In fact, we in Malaysia have seen in the past five years, that there is a sharp increase in data privacy civil suits in the local Malaysian courts.

Among the points I highlighted in the interview are as follows:

What are the costs of data breaches?

  • The cost of data breaches can be seen in many areas. In terms of legal liabilities, companies in breach of the Malaysian PDP Act 2010 can be fined up to RM500,000 – for offences such as unlawful sale or unlawful collection of personal data, as well as collection of data without the required certificate of registration.
  • And when a data breach occurs, costs can also be incurred through technical repairs and loss of reputation. Business can also suffer because of bad publicity.
  • Civil suits can also be brought against companies, and these can cost businesses a lot of money. Malaysians are becoming increasingly more aware of the risks associated with breaches of their personal data, and we have seen a sharp increase in data privacy civil suits in the local Malaysian courts in the past five years.

Are we prepared? Here is what I said:

  • Unlike companies in the US and Europe, many companies in the Asean have yet to reach an acceptable level of preparedness. Data protection does not tend to be a part of the business culture, however some industries (banking and finance) are more prepared due to legislation and legal requirements.
  • To bolster the understanding and preparedness of other industries, we need more public awareness, training, and certified professionals in the field of data protection.

What are among the common concerns?

  • One major concern in Malaysia is how much our MyKad (ID cards) details are easily and unnecessarily exposed. Many people needlessly impose the collection or retention of MyKad details before people start business communication or interactions, enter premises, or participate in events. Unfortunately, lots of people are happy to submit these details and this gives the impression that these practices are approved and not an issue.
  • Another problem is direct marketing, as well as unsolicited commercial calls, emails and text messages. While it’s clear individuals have the right to refuse direct marketing, it still regularly happens.

What has been prepared?

  • I highlighted that leading consultant like Straits Interactive plays the role to champion a public-private partnership by establishing alliance with academia, industries and the government. This partnership will ensure Malaysia as a nation moves together and responds to data privacy issues with a common understanding and comprehensive programmes.

Does the European Union GDPR (General Data Protection Regulations) have anything to do with the Malaysians?

  • With the passing and enforcement of the EU General Data Protection Regulation (GDPR) in May 2018, Malaysia needs to gear up for these stronger laws and better enforcement.
  • The GDPR applies to companies who also interact with European citizens, and this requires short-term training programmes and certifications in the field of data protection.
  • A collaboration at the regional level is also timely and necessary. We are heading towards that.

Credit on this Interview to the Straits Interactive and the Borneo Post.

  • July 2019
    M T W T F S S
    « Jun    
    1234567
    891011121314
    15161718192021
    22232425262728
    293031  
  • Visitor

    free counters

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,630 other followers