Personal data leak enforcement still weak – MCWROSKHOIRAH YAHYA
SHAH ALAM - The enforcement of Malaysians' personal data leaks is still weak and ineffective despite the existing legal provisions through the Personal Data Protection Act (PDPA) 2010.
Malaysian Corruption Watch (MCW) president Jais Abdul Karim said that the issue of data source abuse was very likely to happen and was not impossible.
"Many industries, especially the insurance, real estate and financial sectors are users of this data.
"It is not a new thing. It has gone viral since May 2022 and the activity of selling Malaysians' personal data is one of the sources of the dark economy that had been established for a long time," he revealed.
On Tuesday, there was a dispute about users being registered without permission through the Selangor General Insurance Scheme (Insan) allegedly using personal data without permission.
The issue spread on social media had raised public concerns about the level of personal data security.
Jais found that the use of voter's personal data obtained from the Election Commission (EC) had clearly been abused for commercial purposes.
He noted that the possibility of violation of provisions in the PDPA and Section 9 of the EC Act (Act 31) was significantly high.
"A company had been appointed as the operating firm in which the Selangor Menteri Besar Corporation (MBI) only holds 49 per cent equity.
"Therefore, the personal data of voters or citizens had been channelled to commercial entities that are at risk of potential commercial abuse," he said.
He is of the view that EC should immediately issue a statement to confirm that there had been no breach of any regulation.
"It is important to ensure that the use of this data is transparent and with integrity or vice versa.
"MCW fears that this matter will be set as a precedent in the future if it is not clarified immediately," he said.