Personal Data Protection Act 2010 (PDPA) Case Study in Malaysia

Personal Data Protection Act 2010 (PDPA) Case Study in Malaysia. Background Information, A Case study related to the Personal Data Protection Act. Also, Suggestions to improve the Personal Data Protection Act 2010 (PDPA).  Example of Personal Data Protection policy of an organization.

Personal Data Protection  Act

The personal data protection act refers to the written regulation of the government to protect consumer’s sensitive documents. PDPA is the acronym for the personal data protection act. The personal data protection act is a written policy created and regulated by the government to protect the personal information of consumers such as users’ names, users’ IDs, and phone numbers.

Personal Data Protection Act 2010 in Malaysia

The Malaysian Parliament passed the Personal Data Protection Act 2010 (PDPA) of Act 709 in May 2010 (Personal Data Protection Act, n.d.). After passing the bill related to the personal data protection act 2010 by the Malaysian parliament, it had been sent to the king for getting royal assent. On 2 June 2010, it was received royal assent. The Malaysian government started to implement the Personal Data Protection Act 2010 on 15 November 2013 by way of notification in the government gazette. The prime objective of this act is to protect personal information from the perspective of commercial transactions.

The most general principle of this act to prohibit people to use other’s personal data without consent. “Personal Data Protection Department (PDPD) is an agency under the Ministry of Communications and Multimedia Commission (MCMC)”. The prime duty of the PAPD department is to supervise the handling of personal data of individuals related to commercial transactions. PAPD wants to ensure that no one misuses and misapplies the other party’s data without taking concern. The maximum penalty is between RM100k to 500k and/or between 1 to 3 years imprisonment for non-compliance (Shahwahid & Miskam, 2014). There is no amendment or modification that has been noticed in the Personal Data Protection Act 2010.

The PDPA 2010 act was a need to actualized to enable the confidence of the consumer in electronic commerce and business transactions. Before passing this act, the credit card fraud cases increased in Malaysia. The theft was selling personal data without customer consent. After passing the PDPA 2010, the amount of fraud cases related to bank cards has been reduced. Now people can trust the company to provide their personal information without hesitation. Therefore, companies and clients’ parties get benefits from the PDPA 2010 act.

Personal Data Protection Act 2010 (PDPA) in Malaysia
Figure 1: Personal Data Protection Act 2010 (PDPA) in Malaysia


 Personal Data Protection Act 2010 Case Study

Due to the popularity of social media platforms, cybersecurity became a major concern that would cause a personal data breach. As one of the cases from Facebook, in December 2019, the personal data of 267 million Facebook users were exposed to an online database. These personal data consist of users’ names, users’ IDs, and phone numbers, which could be accessed by anyone through the database.

Although Facebook contacted the internet service provider to remove these data from the servers after discovering the data leak, however, the database was exposed online for two weeks which these data were also posted on a hacker forum already. Regarding the possible reason for this data breach, the security researcher of Facebook claimed that the data is most likely the result of exploiting Facebook’s Application Program Interface (API) by hackers. Thus, it is essential to enforce a personal data protection act in vulnerable cyberspace.

In addition, relating this act specifically in the Malaysian context, on 3 May 2017, Khas Cergas Sdn Bhd, the company that owns Vitoria International College was charged in the Sessions Court for processing personal data of the former employee without a valid certificate of registration issued by the Personal Data Protection Department (PDPD). Specifically, this case breached section 16 (1) of the PDPA in which requires the data users to register the applicant and issue a certificate of registration by the PDPD. The offense was allegedly committed by the company at its premises on June 6, 2016. After the Sessions Court judge, the charge which under section 16 (4) of the PDPA claimed on conviction, the company would be liable to a maximum fine of RM 500,000 or imprisonment up to three years, or both (Attorney General’s Chambers of Malaysia, 2016).

 Why PADA is Relevant to the New Media?

With the rapid development and progress of science and technology, the medium of information dissemination is constantly changing. The release of the Personal Data Protection Act (PDPA) in Malaysia had an impact on the new media environment. Next, the author will talk about my reasons for the PDPA is relevant now with the new media environment.

Firstly, the Personal Data Protection Act (PDPA) gives people more control over their personal data. More and more people can easily get online due to the rapid development of the network. There are varieties of social media, for example, Facebook, Twitter, WhatsApp, etc, in which people steal other information to misuse. Unfortunately, a lot of criminals catch the opportunity to steal other people’s personal information. There is no doubt that the stealing of personal information is a terrible thing. If everyone knew the benefits of the Personal Data Protection Act, people can use it to control their personal data. Thus, the Personal Data Protection Act is relevant now with the new media environment.

Secondly, the Personal Data Protection Act (PDPA) deals with personal data related to commercial transactions. Since the human appeared, business activities had not stopped. The release of the Personal Data Protection Act (PDPA) in Malaysia has significantly reinforced the protection of personal data in relation to commercial transactions. It imposed strict restrictions on some people who collect, record, and process personal data. There is no denying that this action protects the unauthorized use of personal information. Thus, the Personal Data Protection Act is relevant now with the new media environment.

Last but not least, the Personal Data Protection Act (PDPA) lets a person reduce unwanted telemarketing messages received.  Have you been harassed by an advertising call? Due to the popularity of mobile phones and some mobile devices, more and more people’s personal information does not feel leaked. People want a safe network environment where all information keep safe. Therefore, the Personal Data Protection Act(PDPA) is relevant now with the new media environment.

Suggestions to Improve the PDPA 2010

Although the establishment of PDPA has provided great help for the protection of personal information at the commercial level, after a long period of practice, some problems have still been exposed.

Firstly, we must reduce the impact on the personal data life cycle management process. Collection, use, storage, and destruction should be minimized in every aspect.

Secondly, comprehensively consider the operating methods of different companies and find the best and generally applicable specific terms to minimize the changes in business processes made by the company to adapt to the terms.

Third, the establishment of a central database to achieve unified management of global information can not only facilitate the integration of information but also simplify the process of cross-border personal data transmission. For example, during the MCO, everyone uses ZOOM to conduct virtual courses. After we install ZOOM, usually there will be a pop-up window at the bottom of the screen “Allow ZOOM to obtain your location permission”.  Usually, no one cares about this problem, but in fact, your geographic location has been exposed.  The next step is to bind the account.

Usually, everyone binds their Google account by default, so that ZOOM directly obtains our email address. We recall further, what personal information did you provide when you first registered your Google account? Name, date of birth, nationality, region, these four items are the most basic personal privacy. Since we provide ZOOM with our Google mailbox, the personal information that we leaked when registering Google mailbox does not rule out that ZOOM’s company has learned all of them. Imagine that the ID card and passport that you usually hide in the innermost layer of the wallet or in the innermost drawer have been completely wiped out by strangers.

What should we do in this situation? We can only rely on legal protection. According to PDPA, “from a business perspective, the organization cannot use other people’s information without his or her permission.  When we registered with Google, it was equivalent to allowing Google to obtain and use our personal information.  However, for ZOOM, we only allow it to bind our Google account (Google mailbox), which does not mean that we also agree to it to obtain our name, age, nationality, and region. This problem is exactly what needs to be resolved urgently.


With the rapid development and wide application of information technology, human beings have gradually entered the era of new media. The protection of personal data is also particularly important. In the media field, while the continuous changes in media technology have had a profound impact on the media, the privacy of personal data has been greatly challenged.

The Survey Report on the Protection of the Rights and Interests of Chinese Netizens (2015) shows that in the past year, netizens have lost approximately RMB 80.5 billion, or RMB 124 per capita, due to personal information leakage, spam, and fraudulent information. (The State Council Information Office of the People Republic of China. 2015). Personal data protection plays an important role in the media field. Personal data security even affects the security of collective interest, and the protection of corresponding laws and regulations is very important.

The world is suffering from data privacy leaks.  Therefore, the perfect way of solving the problem is to implement the privacy policy act. Many countries as well as regions in the world have strict regulations on data privacy and security. The release of PDPA in Malaysia has significantly reinforced the protection of personal data in relation to commercial transactions.

Personal Data Protection Policy Example

The sample of the Personal Data Protection Policy conveys a better understanding regarding the Personal Data Protection policy. This is a  Personal Data Protection policy of a private university in Malaysia, Putra Business School.

Putra Business School Personal Data Protection Policy

Attorney General’s Chambers of Malaysia. (2016). Personal Data Protection Act 2010.

Personal Data Protection Act (n.d.). Retrieved from



Malaysia’s Vision 2020: Why Vision 2020 Has Been Failed To Achieve Its Goal.

Malaysia Vision 2020: Vision 2020 has Successfully Been Achieved or Not? The Nine Challenges that Must Overcome to Achieve Vision 2020. Discussion and Opinion Why Vision 2020 has failed to achieve its goals.

Malaysia’s vision 2020 with nine challenges was introduced in 1919 by the fourth prime minister. The Vision calls for the nation to achieve the status of a self-sufficient industrialized nation by the year 2020. Discuss whether the aim of Vision 2020 has successfully been achieved.

Malaysia Vision 2020

Vision 2020 or Wawasan 2020 was a mega policy of the Malaysian government introduced by Malaysia’s fourth and seventh prime minister Mahathir Mohamad in 1991 (Jeshurun, 1993). Leong (1997) stated that this mega plan came up with the objective of securing the eligibility of a developed country by 2020. He also said the prime goal of the Vision 2020 was to obtain a self-sufficient industrialized country by the year 2020. In addition to that, there are some other objectives that also wanted to achieve by this plan such as social well-being, economic prosperity, world-class education, technology-based society, political stability, as well as psychological balances.

Based on achieving the vision 2020, some mid-term and short-term plans had been taken by the government such as the National Development Policy 1991-2000 with OPP2, National Vision Policy 2001-2010 with OPP3, and Economic Transformation Program (ETP) under Malaysia Tenth Plan in 2010. Even, the annual budget was proclaimed to ease the way of achieving vision 2020. All these plans were encompassed to establish a progressive, prosperous, and developed Malaysia where everyone will live in harmony.

The Nine Challenges that Must Overcome to Achieve Vision 2020

The nine strategic challenges were outlined to overcome before 2020. Malaysia cannot be a prosperous and developed country until overcome these challenges entirely that experienced from the beginning of independence (MALAYSIA AS A FULLY DEVELOPED COUNTRY, n.d.). Therefore, the authority published eight challenges that need to overcome to achieve Vision 2020.

Challenge-1: The first challenge of Vision 2020 is to develop a united Malaysian nation with a spirit of mutual destiny. This will form a peaceful nation where everyone lives in harmony. The country will ensure loyalty, justice, and equality, and fair partnership for all citizens that is called ‘Bangsa Malaysia’ (MALAYSIA AS A FULLY DEVELOPED COUNTRY, n.d.).

Challenge-2: The second challenge to create a secure, developed, and psychologically freed country. The people will live in a society with full confidence and faith in the nation. Society must be fully conscious about its opportunity and potentiality and respected by foreigners (Islam, 2010).

Challenge-3: The third challenge of Vision 2020 is to practice liberal democracy inside the country. It can make Malaysia a model for other developing nations in Asia as well as all over the world. In short, it all about nurturing and promoting a mature democratic society.

Challenge-4: The fourth challenge is to establish an ethical and moral society. The citizen of the nation will live in a society with religious, cultural, and traditional values.

Challenge-5: The fifth challenge is about developing a liberal, tolerant, and knowledgeable society, in which all Malaysian can practice their culture, traditions, religion, belief, and creeds. All Malaysian people belong to one nation it doesn’t matter what is the religion, what is the origin, and what is the language.

Challenge-6: The sixth challenge is to establish an innovative and technology-based progressive society. The people of this society will not only be a client of technology but utilize them to well-being for society.

Challenge-7: The seventh challenge is to create a caring and cooperative society, in which people will not leave their families but maintain a strong resilient family system.

Challenge-8: The eighth challenge is to assure an economically self-righteous society, in which the fair distribution of the wealth will be practiced in society without any discrimination, exploitation, and injustice.

Challenge-9: The last and ninth challenge is to establish a prosperous and developed society. The economy of the nation will be strong, resilient, competitive, and dynamic.

The Vision 2020 has Successfully Been Achieved or Not?

Based on my observation, it is clear that Vision 2020 has not been achieved. The main aim of Vision 2020 was to establish a self-sufficient industrialized country by the year 2020 as well as secure the eligibility of a developed country. Until now, Malaysia has not achieved the status of developing countries because the nation could not overcome all the nine challenges that they mentioned earlier.

Discussion and Opinion Why Vision 2020 has failed:

Doubtfully, there are some reasons that affected the failure of Vision 2020 directly and indirectly. Based on my research, I have discovered three important reasons that affected achieving Vision 2020, for example, leadership, discrimination, and economy.

  1. Leadership

According to B (2019), Prime Minister Tun Dr. Mahathir Mohamad blamed that the objectives of Vision 2020 were not achieved due to the wrong leadership skills of the previous prime minister Abdullah Badawi and Najib Razak who are responsible for the failure of Vision 2020. Actually, Vision 2020 has been failed because the nine challenges were not completely understood by the administrators in Malaysia who championed them.

  1. Discrimination

The challenges of Vision 2020 are fostering a liberal democratic society, moral and ethical society, scientific progressive society, discrimination, and exploitation-free society. A Malay-led government cannot establish a liberal democratic society and discrimination still exist in several sectors in Malaysia including University, job, business, and politics. Thus, discrimination has barred achieving Vision 2020.

  1. Economy

Finally, the ninth challenge was to create an economically righteous society. An economically righteous society takes care of the interests of all people not only rich but in Malaysia. But, rich people are getting wealthier day by day through the domination business market while general people survive just hand to mouth. The economy couldn’t ensure the fair share of the country’s wealth to everyone; therefore, Vision 2020 has not been achieved.


Vision 2020 was introduced by Prime Minister, Mahathir Mohamad in 1991 to establish a prosperous, developed, discrimination-free, technology-based, ethical, and liberal society. The eight challenges had been outlined to overcome to achieve Vision 2020. Although they have established enough technological, economical, and structural development in Malaysia until Vision 2020 has not been achieved completely.


B. (2019, October 5). Objective of Vision 2020 not achieved. New Sarawak Tribune.

Islam, R. (2010). Critical success factors of the nine challenges in Malaysia’s vision 2020. Socio-Economic Planning Sciences44(4), 199-211.

Jeshurun, C. (1993). Malaysia: The Mahathir Supremacy and Vision 2020. Southeast Asian Affairs, 203-223.

Leong, Y. K. (1997). Lifelong Learning and Vision 2020 in Malaysia.

MALAYSIA AS A FULLY DEVELOPED COUNTRY. (n.d.). Prime Minister’s Office of Malaysia.