Malaysia will need to review its Personal Data Protection Act (PDPA) 2010 from time to time to ensure it is aligned with new developments such as the introduction in May of the European Union’s (EU) General Data Protection Regulation (GDPR).
Communications and Multimedia Minister Gobind Singh Deo noted the GDPR, a new framework for data protection laws, applied to any company offering goods or services to consumers in the EU or European Economic Area.
This, he said, included Malaysian companies with business links or dealings with European countries.
“Companies have to act now, particularly because legislation such as the new EU GDPR can impose considerable penalties for non-compliance of regulations,” he said in his keynote address at the Malaysian Advertisers Association (MAA)-World Federation of Advertisers (WFA) Digital Governance Forum with the theme The Future of Digital Advertising in a Privacy-First World here today.
In the speech titled ‘Decoding the Personal Data Protection Act’, Gobind Singh said reviewing the PDPA from time to time was needed, as Malaysia too was part of the now borderless economy and had to take into consideration data protection frameworks such as the GDPR.
“Malaysia also needs to be on par with global legislation on data protection, because Malaysians are not exposed to just local retailers and other parties seeking to use their data for a variety of purposes,” the minister said.
Gobind Singh emphasised that regulation awareness was not only for the experts but would also be part and parcel of everyday business.
“Understanding the rules thoroughly is a long term-strategy that will help create more business value and provide companies with competitive advantages,” he said.
For example, the PDPA requires personal data notices to be issued in both English and Malay.