Following the public consultation in 2024, the Personal Data Protection Commissioner has now issued the Personal Data Protection Guideline on Cross Border Personal Data Transfer (Guideline).
The Guideline provides guidance on the operationalization of section 129 of the Personal Data Protection Act 2010 and sets out specific responsibilities of data controllers when transferring personal data to any place outside Malaysia.
The Carbon Capture, Utilization and Storage Bill 2025 has been passed by the Dewan Negara and is, at the time of issuance of this client alert, pending Royal Assent. Once the Royal Assent has been provided, the Carbon Capture, Utilization and Storage Act 2025 will be enacted (CCUSA). The CCUSA establishes a robust legal and regulatory framework for CCUS cycle from carbon dioxide capture, transportation, utilization, and storage.
The Malaysian Personal Data Protection Department recently published three public consultation papers to gather feedback on proposed guidelines on (i) data protection impact assessments, (ii) data protection by design and (iii) automated decision-making and profiling. The guidelines are part of a set of seven guidelines that are being (and have been) developed to complement the Personal Data Protection Act 2010 (PDPA), as announced by Digital Minister Gobind Singh Deo in January last year.
Since the coming into force of Malaysia Cyber Security Act 2024 (“CSA”) on 26 August 2024, there have been substantial developments in the landscape in the past few months.
The Malaysian Communications and Multimedia Commission (MCMC) has announced that it is holding a public consultation on the draft Code of Conduct (Best Practice) for Internet Messaging Service Providers and Social Media Service Providers (“Draft Code of Conduct”).
The objective of the public consultation is to collect public opinion on the Draft Code of Conduct, which outlines the best practices for applications service provider class licence holders who offer Internet messaging and social media services in Malaysia to address harmful online content and other relevant conduct requirements.
Malaysia is slated to have a comprehensive framework to regulate, implement and enforce actions/initiatives that is aimed to lead towards a low-carbon economy. The Ministry of Natural Resources and Environmental Sustainability is leading the initiative for the proposed enactment of the Climate Change Act by issuing a consultation paper to obtain comments and feedback. The introduction of a Climate Change Act is the result of Malaysia’s determination to honor its commitment under the Paris Agreement and also to reduce greenhouse gas emissions in Malaysia.
Malaysia’s Cyber Security Bill 2024 was passed by both houses of the Malaysian Parliament on 27 March 2024 (Dewan Rakyat) and 3 April 2024 (Dewan Negara) respectively. Subsequent to its Royal Assent on 18 June 2024 and publication in the Official Gazette on 26 June 2024, the Malaysia Cyber Security Act 2024, together with four subsidiary regulations, came into force on 26 August 2024.
Following the passing of the Personal Data Protection (Amendment) Bill 2024 by the Malaysian Parliament in July 2024, three public consultation papers have been issued in relation to the implementation of the following impending new legal obligations:
The deadline to provide feedback is 6 September 2024 (Friday).
On 26 July 2024, the Ministry of Energy Transition and Water Transformation announced the introduction of the Corporate Renewable Energy Supply Scheme, set to commence in September 2024. This initiative aims to enhance corporate companies’ access to green electricity supply through an open grid access system whereby third parties can supply or purchase electricity via the grid network system with a predetermined system access charge.
The Malaysian Communications and Multimedia Commission (“MCMC”) has announced its intention to introduce a new licensing regime for social media services and internet messaging services on 1 August 2024, with enforcement effective from 1 January 2025 onwards.
Under the current licensing framework, social media services and internet messaging services are exempted from the licensing requirement under the Communications and Multimedia Act 1998 (“CMA”) pursuant to the Communications and Multimedia (Licensing) (Exemption) Order 2000.