Scribd
Upload
43 views14 pages

Topic 4 Data Protection & Online Privacy: Prepared by Hashvini Rekha Pachappan & DR Manique Cooray

The document discusses key aspects of data protection and privacy law in Malaysia. It outlines the Personal Data Protection Act of 2010 and its four main mechanisms for implementation. It distinguishes between personal data and sensitive personal data. The Act establishes several data protection principles including security, retention, data integrity, and access. The rights of data subjects are also summarized, including the rights to correct personal data and prevent processing for direct marketing. Online privacy issues are briefly touched on, such as the right against false light portrayals and disclosure of private facts.

Uploaded by

Agitha Gunasagran
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
43 views14 pages

Topic 4 Data Protection & Online Privacy: Prepared by Hashvini Rekha Pachappan & DR Manique Cooray

The document discusses key aspects of data protection and privacy law in Malaysia. It outlines the Personal Data Protection Act of 2010 and its four main mechanisms for implementation. It distinguishes between personal data and sensitive personal data. The Act establishes several data protection principles including security, retention, data integrity, and access. The rights of data subjects are also summarized, including the rights to correct personal data and prevent processing for direct marketing. Online privacy issues are briefly touched on, such as the right against false light portrayals and disclosure of private facts.

Uploaded by

Agitha Gunasagran
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd

TOPIC 4 PREPARED BY HASHVINI

DATA PROTECTION & ONLINE REKHA PACHAPPAN & DR


MANIQUE COORAY
PRIVACY
PERSONAL DATA PROTECTION
ACT 2010
The Act will be given effect to through 4 mechanisms:
1. The Data Protection Principles (Division 1)
2. Industry codes of practices (Division 3)
3. Commissioner (Part IV)
4. The Appeal Tribunal (Part VII)
S2 PDPA: DATA
It is often viewed as a technical term relating to specific information management practices. Such
information includes individual’s names, addresses, telephone numbers, and birth details, medical records.
i.e private details. Therefore data protection law must also be considered in relation to the law of privacy.
Eg; SEXUAL OFFENDER REGISTRY
In brief privacy is more likely to be considered as a fundamental human right and accorded specific
protection under human rights conventions

Difficulties
As this area of law is changing the difficulty is keeping individuals informed as to who is processing data
relating to them, what the purpose of the processing is and what other processing activities are involved.
They also have a right to more information than before in response to a request for access and greater rights
to control processing activity.
SECTION 2(1): APPLICATION:
PROCESSES, CONTROL OR
AUTHORIZES
Scope of Rights and Obligations
•rights and obligations in relation to personal data involve three parties: the data user;
the data processor and the data subject.
S3 PDPA
This act does not apply to state and Federal Government
It applied to companies etc
If a data was performed outside of Malaysia, PDPA will not apply.
Eg: FB, Yahoo, Gmail etc is all located outside of Malaysia. Our data are being
processed outside Malaysia hence PDPA will not be applicabe?
PDPA only applies to commercial transactions
S4 PDPA : PERSONAL DATA &
SENSITIVE PERSONAL DATA
PDPA divided data into two types.
1. Personal Data- Any transaction of commercial/contractual/business in nature only.
Nothing personal . Eg: issue between 2 individual

2. Sensitive personal data- health/medical records


DATA PROTECTION PRINCIPLES
1. Section 5(1): Fine: RM 300,000 or imprisonment for a
term not exceeding 2 yrs or both

1. Security Principle section 9: A data user shall take


2. General Principle: Section 6: The processing (section 4) practical steps to protect the personal data from any
of personal data requires consent but see section 6(2) (a). loss, misuse, modification, unauthorized or accidental
access or disclosure, alteration or destruction.

3. Notice and Choice Principle section 7: Data users are


required to notify the data subjects regarding the purpose 2. Retention Principle: Section 10. The personal data
for which the data is collected and about the right to processed for any purpose shall not be kept longer than
request access and correction of the personal data; is necessary for the fulfillment of the purpose to which it
was obtained for.

4. Disclosure Principle section 8: (“Disclosure” section 4)


No personal data shall be disclosed without the consent 3. Data Integrity Principle Section 11: A data user shall take
of the data subject reasonable steps to ensure the accuracy and to maintain
the data current for the purpose it was collected for.

4. Access Principle: A data subject shall be given access to


RIGHTS OF DATA SUBJECTS
1. RIGHT TO CORRECT PERSONAL DATA – S30
2. RIGHT TO CORRECT PERSONAL DATA – S34
3. RIGHT TO PREVENT PROCESSING LIKELY TO CAUSE DAMAGE &
DISTRESS – S42
4. RIGHT TO PREVENT PROCESSING FOR PURPOSES OF DIRECT
MARKETING – S43
ONLINE PRIVACY
WRITTEN SOURCES OF LAW

Right to Life and Personal Liberty. Article 5 of the Federal Constitution provides
that, “no person shall be deprived of his life and personal liberty save in accordance
with law.”
OBJECTIVES OF PDPA:
The main objective is to regulate the processing of personal data in the context of
commercial transactions by data users, and to provide a safeguard for the interests of
data subjects.
WHAT DOES THE RIGHT OF
PRIVACY PROTECT?
Against personal embarrassment and intrusion
FALSE LIGHT

Most likely to encounter.


This type of violation involves:

Publication of false or misleading material/Places a person in a false light/Highly


offensive to a reasonable person with knowledge of, in a reckless disregard as to, or
negligence as to its falsity.
ILLUSTRATIONS
If you use a person’s face with an offensive picture of another’s body or combine a person’s picture with
an offensive setting or with offensive sounds?
In combining or creating images you should view your creations from the individual’s point of view, if
the person is placed in an offensive or false light and the newsworthiness does not outweigh the
individuals interest you could be violating the right of privacy

PRIVATE FACTS
Disclosing private facts about a person, if that information would be highly offensive to a reasonable
person.
If information is truthful?
It is unlikely that you will be involved in this type of privacy violation, if you use publicly available
materials instead of private information. The courts generally find there is no invasion of privacy when
the facts are publicly available, such as from a court file or other public record.

You might also like