WE refer to “A call to ensure one’s privacy is not involved” (The Star, April 27), which explained the issue of data privacy and the question of personal information such as telephone or mobile numbers being accessed by other parties.
As the regulator, the Malaysian Communications and Multimedia Commission would like to clarify that all communication service providers are governed by a consumer code and must not disclose customers’ personal information to other parties.
Part 2 of the General Consumer Code, sets out the responsibility of a service provider in the protection of consumer information. A service provider may collect and maintain the necessary data/information of consumers for tracking practices.
However, the collection and maintenance of such data/information shall not be transferred to any party without prior approval of the consumer.
Service providers must also take appropriate measures to provide adequate security, and respect consumers’ preferences regarding unsolicited mail and telephone calls.
Service providers must be open, transparent, and meet generally accepted fair information principles, including providing notice as to what personal information they collect, use, and disclose; the choices consumers have with regard to the collection, use and, disclosure of that information; the access consumers have to the information; the security measures taken to protect the information, and the enforcement and redress mechanisms that are in place to remedy any violation of these.
However, personal information could come from many other sources. For example, people may disclose or communicate their personal information when filling in application forms or during navigation on websites or through online registration.
As such, consumers are advised to read carefully the terms and conditions before they divulge any personal information.
In addition, last April, Parliament passed the Personal Data Protection Bill 2009 that seeks to protect personal data belonging to the public from being misused through commercial transactions.
The Bill placed high importance on the protection from misuse of sensitive personal data, such as information on a person’s health, physical attributes, mental status and religious preferences.
A personal data protection commissioner will be appointed and an advisory committee created to advise the commissioner on the enforcement of the Bill.
Their job will be to monitor the commercial transaction of information. Any private database collection agency would have to strictly comply with the law.
The Bill is a form of cyber legislation and Malaysia is the first among Asean countries to introduce this law, which is modelled after the provisions that were outlined by some European countries in relation to the protection of national security, defence and basic human rights.
The new regulations on data protection would ensure that personal data would not be given out except with the consent of their owners.
CORPORATE COMMUNICATIONS DEPARTMENT,
Malaysian Communications and Multimedia Commission.