Understanding Personal Data Protection Law
This book is the first of its kind in Malaysia and Southeast Asia. It provides general guidance to individual and organisations on the processes of how to manage, collect and use personal data. It offers practical tips on topical data protection scenarios from the context of the Malaysian Personal Data Protection Act 2010 (Act 709). The tone, manner, look and feel of this book are straightforward, succinct yet presented in simple language for the ease of understanding. It highlights Privacy by Design (PbD), a best practice module by which the seven foundational principles of personal data protection are advanced towards organisational data protection compliance and assurance. This book guides the reader, through case studies and tips on how these principles and the law of personal data protection should be contextually applied in day to day life; flowing from the consumer’s role in relation to personal data right through to steps to be taken in case of a breach. An interesting chapter on PDPA post enforcement, Top Ten Hit List and the reflection of Malaysian data protection and privacy law evolution is carefully covered.
To cater to a broader readership, this book adopts illustrations, diagrams, tables and frequently asked questions aimed to simplify the basic principles and concepts of data protection. It is a book for all and sundry.
About the Act
– The Act was passed 2 years ago and it is expected to take effect anytime now. Since the Act has huge impact on the banking industry, telcos etc and the general public as a whole, the handy publication will prove very useful to lawyers, corporate counsels, academics and the public at large.
– Personal data is defined as any information that relates directly or indirectly to a data subject, who is identified or identifiable from that information or from that and other information in the possession of a data user.
– A data user is basically the party using the personal data of an individual, which is referred to as data subject in the Act.
– Personal data may take various forms and may be a name combined with other information, passport/identity card number, telephone number, photograph, fingerprint, or DNA.
– The Personal Data Protection Act 2010 is only limited to personal data in respect of commercial transactions.
– Failure to comply with any of the seven principles under the Act amounts to an offence punishable with a fine not exceeding RM300,000 or imprisonment not exceeding two years or both.
– Under these principles, the collection and use of personal data must be consented to by the data subject, and steps must be taken to ensure that they are updated, correct and stored securely.
– To put it simply, this book is a layman’s guide to understanding the Personal Data Protection Act 2010 and how it applies in day to day life