Search for:

In brief

Following a public consultation held in early 2020, certain amendments to the Malaysian Personal Data Protection Act 2010 (“PDPA“) will be tabled at the Malaysian Parliament for approval in October 2022. These proposals will introduce new obligations on both data users and data processors.


In more detail

The Communications and Multimedia Minister (“Minister“) (who oversees the implementation of the PDPA) has indicated that the following proposed amendments to the PDPA are expected to be tabled at Parliament for approval in October 2022 (collectively “Proposed Amendments“):

  • Appointment of data protection officer: All data users will each be required to appoint a data protection officer.
  • Mandatory data breach notification: All data users will be required to report data breaches to the Malaysian Personal Data Protection Department (“PDPD“) within 72 hours.
  • Data processor obligation: Data processors will be required to comply with the security principle under the PDPA.
  • Introduction of data portability: Transfers of personal data between data users (upon request from data subjects) will be allowed (if the technical system permits).
  • Blacklist for cross-border transfers: The power of the Minister to issue a whitelist will be replaced with a blacklist. Transfers of personal data to blacklisted countries will be prohibited. 

Under the PDPA, “data users” are essentially those who have control over or authorise the processing of any personal data (excluding data processors), whereas “data processors” refer to those who process the personal data solely on behalf of the data user and not for any of their own purposes.

The Proposed Amendments formed part of the 22 proposals in theĀ public consultation paperĀ issued by the PDPD in early 2020 to strengthen the PDPA. They are broadly in line with recent data privacy reforms across the region. Businesses should anticipate and prepare for the additional compliance obligations which they may be subject to if the Proposed Amendments are passed and come into force (including undertaking an assessment of the impact of such compliance obligations on its existing contractual commitments and undertakings).

* * * * *

This client alert was issued by Wong & Partners, a member firm of Baker McKenzie International, a global law firm with member law firms around the world. In accordance with the common terminology used in professional service organizations, reference to a “partner” means a person who is a partner or equivalent in such a law firm. Similarly, reference to an “office” means an office of any such law firm. This may qualify as “Attorney Advertising” requiring notice in some jurisdictions. Prior results do not guarantee a similar outcome.

Author

Kherk Ying Chew heads the Intellectual Property and Dispute Resolution Practice Groups of Wong & Partners. She has decades of experience in IP, commercial litigation, corporate compliance, information technology and Internet regulatory issues. She is ranked in Tier 1 for IP in Malaysia by Chambers Asia Pacific which has noted that Kherk Ying is "an acclaimed figure in the sector, drawing praise as a lawyer who is 'really commercial, very practical' and 'knows her subject impressively well." Asia Pacific Legal 500 inducted her into its Hall of Fame in 2021 for IP, it had commented that she is "highly respected for contentious and non-contentious work". Kherk Ying was also named in Benchmark Asia-Pacificā€™s Top 100 Women in Litigation for IP and Commercial Transactions (2020-2021). Kherk Ying won the Women Lawyer of the Year at the ALB Malaysia Law Awards in 2019. She is highly regarded for IP litigation, and has been named the "Best Female Lawyer in IP Litigation" by Euromoney Asia Women in Business Law Awards 2014. She is also recognised as a Tier 1 lawyer in enforcement and litigation by the World Trademark Review 1000, and ranked as a Tier 1 litigation and transactions professional by IAM Patent 1000. Kherk Ying is a registered trade mark, patent and design agent in Malaysia and the principal author of the CCH published Intellectual Property Laws of Malaysia. She is among the few selected trainers for an IP valuation course by Intellectual Property Corp of Malaysia (MyIPO) and is an accredited IP valuer by the World Trade Institute.

Author

Chun Hau Ng is an Associate in Wong & Partners, Kuala Lumpur office.