Comply or face the consequences
KUALA LUMPUR: Companies must comply with the Personal Data Protection Act 2010 when dealing with the public’s personal data, or face the legal consequences.
For unlawful collection of personal data, the law reads: “A person who commits an offence under this section shall, upon conviction, be liable to a fine not exceeding RM500,000 or to imprisonment for a term not exceeding three years or both.”
The Department of Personal Data Protection (DPDP) yesterday issued a statement urging companies and individuals to be mindful when dealing with personal data.
According to the department, personal data misuse was imminent if companies or individuals did not take precautions.
“DPDP urges the public to always be cautious when sharing personal data with another party. Personal data sharing must be controlled wisely so that members of the public do not easily give opportunities to irresponsible parties to misuse their personal data,” the statement read, quoting DPDP Commissioner Khalidah Mohd Darus.
It also stressed the importance of companies complying with the Seven Personal Data Protection Principles under the law in order to manage personal data wisely and with integrity.
This, they said, would simultaneously increase confidence of the public to deal with said organisation.
The Malaysian Communications and Multimedia Commission (MCMC) had yesterday blocked access to the website https://sayakenahack.com, citing data privacy concerns.
To this, the department said they were aware of the existence of the website and had requested the cooperation of MCMC to block the site as it contained personal data collected without approval as required under Section 130 of the Personal Data Protection Act 2010.