Companies should hire data protection officers to reduce online scams, urge expert

SHAH ALAM - Just like auditors, every company in Malaysia should have at least one data protection officer.

Information Technology Law expert of Universiti Kebangsaan Malaysia (UKM) Prof Dr Nazura Abd Manaf said this will reduce scam cases in Malaysia.

"Literally, the Personal Data Protection Protection Act (PDPA) is protecting us. This is one of the legal mechanisms to protect Malaysians and combat scamming activities.

"But why are scamming still increasing in the country?" she questioned.

She said the officer should ensure the company implements six personal data principles - consent, security, retain, access and integrity.

Nazura said data consent was crucial to know how others are using the company's data for marketing purposes.

"This consent must be in writing as an evidence in court if something happens," she added.

She also said that every data collector needs to keep the data and register with the Personal Data Protection department to keep track of the activity.

Nazura further added that to ensure the data is secure, the security system must be up-to-date.

She further stressed that by having a officer for data protection in every company, they must monitor all six data principles to prevent scams.

Malaysia, along with Singapore, Australia, the United Kingdom and European countries have data protection laws.

"However, data is not limited to Malaysia.They are going beyond. For example, we have social media globally. That’s why we need to take precautions."

Nazura also commented that it is a good move by the Communications and Digital Ministry to strengthen cyber security laws.

Its minister, Fahmi Fadzil had said all organisations involved in data including commercial transactions and safekeeping will face serious penalties for failing to protect their data.