Personal information protection in the digital economy: What has been done?


WHILE the Internet brings important development and opportunities to individuals and organisations in this digital economy, it also poses risks to personal information security.

Incidents such as personal information leaks and online scams remind us of the need to build solid barriers for cybersecurity, especially in terms of personal information protection.

Both the Malaysian and Chinese governments have focused on the establishment of a legal framework for cybersecurity in recent years.

Given the increasingly interconnected digital landscape, both Chinese and Malaysian governments can consider joint efforts to

improve the cybersecurity legal framework to safeguard both nations’ interests.

By pooling resources, expertise, and technological advancements, both nations can effectively address common cyber threats.

In China, the government implemented the Cybersecurity Law (CSL) on June 1, 2017.

This is the first basic law in China that comprehensively regulates cyberspace security management, and it serves as the overall cybersecurity framework of the country.

After the implementation of the Cybersecurity Law, China’s legal framework for cybersecurity and data protection has expanded rapidly.

From 2017 to 2023, the Chinese government has implemented the Data Security Law (DSL), the Personal Information Protection Law (PIPL) and various regulations and provisions relating to cybersecurity and personal information protection.

In particular, the Personal Information Protection Law (PIPL) provides protection against excessive collection and misuse of personal information by Internet users in China.

The law also includes mechanisms for complaints and reports on any infringement of personal information protection.

While the Personal Information Protection Law (PIPL) aims to protect the use of personal information in general, the Chinese government took additional steps to provide exclusive information protection for minors (children under the age of 14).

On Oct 1, 2019, the Chinese government implemented the "Provisions on the Cyber Protection of Children’s Personal Information."

This is an important move to ensure children’s privacy is protected.

It serves as an important protection for minors who have access to the Internet, but do not know the risks of revealing personal information through their activities on the Internet.

These provisions can stop the sharing of the children’s information for commercial or illegal purposes.

In addition, with the increased numbers of mobile applications (app) in the market, it was observed that there are some app operators involved in the excessive collection and misuse of personal information of app users.

Given this, the Chinese government issued the "Guidelines for Application (App) Collection and Use of Personal Information" in March 2019, which aim at protecting the personal information of app users.

In the guidelines, both app operators and users are educated on what constitutes illegal or excessive collection of personal information, as well as on the appropriate actions when the rights of app users are infringed.

For instance, app users can report the illegal activities of app operators who are involved in the illegal or excessive collection or misuse of personal information through dedicated WeChat lines or websites.

In Malaysia, there are several cybersecurity laws, offering comprehensive protections for cybersecurity.

These include the Computer Crimes Act 1997, the Digital Signature Act 1997, the Telemedicine Act 1997, the Electronic Commerce Act 2006, the Personal Data Protection Act 2010, etc.

However, it was observed that there was no comprehensive framework for cybersecurity in Malaysia until recently.

The Cybersecurity Bill which was passed on April 3 aims to establish a more comprehensive, encompassing cybersecurity law to complement existing legislation.

When it comes to personal information protection, the Personal Data Protection Act 2010 protects the personal data of Internet users by regulating the collection and use of personal data in commercial transactions in Malaysia.

However, there is no legislation in place that offers exclusive protection of the personal information of children or minors in Malaysia.

Students are the most vulnerable groups who might be exposed to the risks of cybersecurity, including misuse of their personal information (including pictures) and cyberbullying. The Malaysian government should focus exclusively on the protection of the personal information of minors, like what the Chinese government has implemented.

In addition, it is reported that there are more than 3 million mobile APPs that can be downloaded from Google Play in Malaysia.

Currently, the data privacy of mobile apps is covered under the Personal Data Protection Act 2010 in Malaysia.

However, the high number of apps available suggests that there should be exclusive guidelines on personal information protection for APP users.

The Malaysian government should consider issuing "Guidelines for Application Collection and Use of Personal Information" to ensure mobile app users are given exclusive protection when using mobile apps.

Both app operators and app users should be educated on what constitutes illegal or excessive collection of personal information, and the appropriate actions to take when the rights of app users are infringed.

As a conclusion, both the Chinese and Malaysian governments are putting effort into establishing a comprehensive cybersecurity legal framework, especially for protecting personal information.

Both nations could consider collaboration, such as knowledge sharing, capacity-building initiatives, and joint research projects, aimed at establishing an up-to-date and comprehensive cybersecurity legal framework in this interconnected digital landscape.

Agnes Tan Siok Inn is an Assistant Professor at Heriot-Watt University Malaysia (HWUM). The views expressed here are entirely the writer’s own.

The SEARCH Scholar Series is a social responsibility programme jointly organised by the Southeast Asia Research Centre for Humanities (SEARCH) and Tunku Abdul Rahman University of Management and Technology (TAR UMT), in conjunction with the 10-year anniversary of the Belt and Road Initiative.

Get 20% OFF The Star Digital Access

Monthly Plan

RM 13.90/month

RM 11.12/month

Billed as RM 11.12 for the 1st month, RM 13.90 thereafter.

Best Value

Annual Plan

RM 12.33/month

RM 9.87/month

Billed as RM 118.40 for the 1st year, RM 148 thereafter.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Columnists

Make Penang AI plan a bridge for majority
Giants fall, England survive – World Cup quarter-finals take shape
Who shapes global AI rules: Asean-China cooperation role
Why the Johor election is good for Malaysian democracy
Confessions of a durian season sinner
Looming threat to social security
More predictable than the World Cup
America at 250
Coexistence with wildlife key for public safety
Jitters all round in Johor

Others Also Read