Experts: Safeguards needed for contact tracing info

Goh said he has advised business owners not to leave visitor registration log books exposed to the public. — Photo: DATUK KENNY GOH

PETALING JAYA: While it is necessary to log your name and phone number before entering certain premises during the conditional movement control order (MCO), experts say measures should be taken to prevent people from falling victim to scammers.

Datuk Kenny Goh, chief executive officer and co-founder of digital technology company Macro Kiosk, said concern over data privacy at this time was part of an adjustment to the “new normal”.

“I understand why people are raising concerns as the Covid-19 pandemic has forced people to re-evaluate what privacy means to them.

“On the positive side, giving out info is a responsible thing to do because it helps with contact tracing. However, it is also worrying when the information is not being guarded properly, ” he said.

Goh urged businesses to take a digital approach such as generating QR codes for registration instead of asking people to write down their details.“This way, people’s information is not easily exposed as it will be uploaded to an online system that can only be accessed by few. Right now, anyone can easily walk up to a log book and take pictures of whatever they see, ” he said.

Cybersecurity expert Fong Choong Fook said the move to aid contact tracing could lead to a deluge of unwanted calls and spam, if proper checks were not put in place.

“Spam messages have become more sophisticated as they feel personalised. The messages are no longer just generic notices offering you products or services because scammers can now easily get your name or MyKad number, ” he added.

Fong said public should know more about how their personal information will be handled by owners of premises.

“The big question here is how are the details in the log books being treated by the custodian or the person handling the data, such as the security guards or owners of premises?” asked the LGMS group managing director.

The Personal Data Protection Act 2010 requires businesses to adhere to certain requirements when processing personal information.

Bar Council Information Technology and Cyber Laws Committee deputy chairman Foong Cheng Leong said this included keeping the data secure, not disclosing it to third parties without consent, and within the purpose of which the data is collected.

Processing personal data in ways that were not compliant with the PDPA could lead to a fine of not more than RM300,000 or jailtime of not more than two years, or both.

However, there is a lack of awareness on personal data protection among Malaysians, said Fong.

“I don’t think many people are fully aware of their rights as stated in the PDPA. The custodians who are collecting or holding people’s personal information also have to be aware of their responsibilities and liabilities, ” he said.

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 0
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

Covid-19 , Coronavirus , MCO


Next In Nation

Radical measures to spur the economy to be presented in Budget 2023, says PM
Foreign embassies not authorised to issue temporary visit pass for citizens to remain in Malaysia
Ambiga takes a dig at Anwar with ‘A green light for all Ministers to bring in family’ tweet
Puspen staff member, trainee charged with murder
Malaysia forms special team to coordinate humanitarian aid to Turkiye, Syria
Anwar to make official visit to Thailand on Feb 9
PM Anwar wishes success to SMART in Turkiye
Parliament to pilot-test PM’s Q & A session every Tuesday, says Johari
Finance Minister’s special advisory body tasked to improve country’s coffers, says Anwar
Higher Education Ministry welcomes probe over RM157mil in losses suffered by UiTM Holdings

Others Also Read