Scribd Logo
Upload

Welcome to Scribd!

  • Topic 3 Pdpa2010

    Uploaded by

    Falco Galvano
    10 views13 pages
    The Personal Data Protection Act 2010 regulates how companies collect, use, and process personal data of individuals in Malaysia, establishes rights of individuals over their personal data, and outlines penalties for non-compliance. It aims to protect personal data in commercial transactions based on principles of notice, choice, disclosure, security, retention, integrity, and access that are similar to data protection laws in other countries like the UK and Singapore. The Act applies to any person or company that processes personal data in Malaysia and regulates this processing according to seven personal data protection principles.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The Personal Data Protection Act 2010 regulates how companies collect, use, and process personal data of individuals in Malaysia, establishes rights of individuals over their personal data, and outlines penalties for non-compliance. It aims to protect personal data in commercial transactions based on principles of notice, choice, disclosure, security, retention, integrity, and access that are similar to data protection laws in other countries like the UK and Singapore. The Act applies to any person or company that processes personal data in Malaysia and regulates this processing according to seven personal data protection principles.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    10 views13 pages

    Topic 3 Pdpa2010

    Uploaded by

    Falco Galvano
    The Personal Data Protection Act 2010 regulates how companies collect, use, and process personal data of individuals in Malaysia, establishes rights of individuals over their personal data, and outlines penalties for non-compliance. It aims to protect personal data in commercial transactions based on principles of notice, choice, disclosure, security, retention, integrity, and access that are similar to data protection laws in other countries like the UK and Singapore. The Act applies to any person or company that processes personal data in Malaysia and regulates this processing according to seven personal data protection principles.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 13

    Topic 3

    Laws of Malaysia
    Act 709
    Personal Data Protection Act 2010

    www.unimas.my
    www.unimas.my

    Introduction
    This Act regulates all companies who process
    personal data in commercial transactions.
    (Kheng Hoe & Partners)

    It would be the legislation in Malaysia which deals


    with the protection of personal data
    The principles of data protection laws contained in
    the PDPA are quite similar to the principles in other
    jurisdictions such as the UK and Singapore.
    (Azman Davidson & Co, 2015)
    www.unimas.my

    Scope
    aims to regulate the collection, holding, processing and
    use of personal data in commercial transactions and also
    to prevent malicious use of personal information.

    This piece of legislation plays a crucial role in


    safeguarding the interest of individuals and makes it
    illegal for anyone, be it corporate entities or individuals,
    to sell personal information or allow such use of the data
    by third parties.
    (LegalTAPS, 2010)
    www.unimas.my

    Rights Of The Data Subject


    The Act accords various rights to individuals to
    safeguard their personal data, such as:
    – The right of access to personal data;
    – The right to prevent processing for the purposes of direct
    marketing;
    – The right to correct the personal data;
    – The right to prevent the collection, holding, processing or
    use of any personal data which is likely to cause damage or
    distress; and
    – The right to withdraw such consent.
    www.unimas.my

    Background
    Date of Royal Assent – 2 June 2010
    Date of publication in the Gazette – 10 June 2010
    Arrangement of Sections
    – Consist of 11 Parts
    – Part II has 4 Divisions
    www.unimas.my

    Arrangement of Sections
    I. Preliminary
    II. Personal Data Protection
    III. Exemption
    IV. Appointment, Functions and Power of Commissioners
    V. Personal Data Protection Fund
    VI. Personal Data Protection Advisory Committee
    VII. Appeal Tribunal
    VIII. Inspection, Complaint and Investigation
    IX. Enforcement
    X. Miscellaneous
    XI. Savings and Transitional Provisions
    www.unimas.my

    Part II: Personal Data Protection Principles

    Division 1 : Personal Data Protection


    Principles
    Division 2 : Registration
    Division 3 : Data User Forum and Code of
    Practice
    Division 4 : Rights of Data Subject
    www.unimas.my

    Operation and application of the Act (I)


    The Act applies to:

    (a) any person who processes;

    (b) any person who has control over or authorizes the


    processing of any personal data in respect of commercial
    transactions and such a person is a “data user”; and

    * For further info please refer PDPA 2010


    www.unimas.my

    Operation and application of the Act (III)


    A data user:
    – “… a person who either alone or jointly or in common with
    other persons processes any personal data or has control
    over or authorizes the processing of any personal data, but
    does not include a data processor”.
    www.unimas.my

    What is personal data?


    Any data which can identify a person is considered
    personal data.
    There are 2 categories of personal data as follows:
    Personal Data Sensitive Personal Data
    Name Physical health or condition
    Address Mental health or condition
    Tel No Political views
    Email Religious or other similar beliefs
    Gender Criminal records
    Date of birth Any other information deemed by the Minister
    Photos to be sensitive personal data
    Videos, etc
    www.unimas.my

    Processing personal data


    Seven principles of the Act
    The processing of personal data by a user shall be in
    compliance with the following Personal Data
    Protection Principles, namely:
    (a) the General Principle;
    (b) the Notice and Choice Principle;
    (c) the Disclosure Principle;
    (d) the Security Principle;
    (e) the Retention Principle;
    (f) the Data Integrity Principle; and
    (g) the Access Principle.
    www.unimas.my

    Penalties
    Failure to comply with the provisions of the law is
    punishable by a fine not exceeding RM300,000
    and/or imprisonment for a term not exceeding two
    years, or both.
    Subject to the due diligence defence, directors,
    managers or other similar officers have joint and
    several liability for non-compliance by the body
    corporate.
    www.unimas.my

    References
    1. http://www.kkmm.gov.my/pdf/Personal%20Data%
    20Protection%20Act%202010.pdf
    2. http://www.taypartners.com.my/v5/download/Leg
    alTAPS-Aug2010.pdf
    3. http://klbar.blogspot.my/2013/08/article-personal-
    data-protection-act.html
    4. http://www.azmandavidson.com.my/personal-
    data-protection-act-2010/

    You might also like