Privacy, Cybersecurity & Technology

GLADLY LEVERAGING TECHNOLOGY

Artificial Intelligence, Machine Learning, Internet of Things, Blockchain Technology and Big Data Analytics are starting to disrupt the business landscape. The digital domain moves fast, with new developments often leaving regulations playing catch up.

We have experts in the realm of digital and media law, the Internet and technology as well as experts in dealing with privacy and cyber security in this age of social media and the digital economy. Our lawyers have extensive experience in helping clients to guard against possible regulatory penalties and reputation risk as well as to meet the new legal challenges posed by new technologies.

OUR KEY AREAS OF PRACTICE INCLUDE:

  • Technology ownership, assignment, transfer and technical assistance
  • IT contracts (tech development, cloud computing, the Internet of Things, software license, software distribution, service level, IT service)
  • Intellectual property advisory and protection
  • Multimedia, Internet and Telecommunications advisory
  • Data protection/privacy policy
  • PDPA compliance, audit and training
  • Cross-border data transfer and privacy issues
  • Licensing requirements under the Communications and Multimedia Act
  • Electronic, digital and smart contracts
  • Encryption issues
  • E-commerce, online marketing and consumer protection
  • Anti-competition issues
  • Electronic money and Internet banking
  • Cyber and IT security
  • Corporate compliance programs
  • Digital content, new and converging media
  • Entertainment, media and gaming

OUR KEY AREAS OF PRACTICE INCLUDE:

  • Technology ownership, assignment, transfer and technical assistance
  • IT contracts (tech development, cloud computing, the Internet of Things, software license, software distribution, service level, IT service)
  • Intellectual property advisory and protection
  • Multimedia, Internet and Telecommunications advisory
  • Data protection/privacy policy
  • PDPA compliance, audit and training
  • Cross-border data transfer and privacy issues
  • Licensing requirements under the Communications and Multimedia Act
  • Electronic, digital and smart contracts
  • Encryption issues
  • E-commerce, online marketing and consumer protection
  • Anti-competition issues
  • Electronic money and Internet banking
  • Cyber and IT security
  • Corporate compliance programs
  • Digital content, new and converging media
  • Entertainment, media and gaming

FREQUENTLY ASKED QUESTIONS

Your privacy is extremely important. In fact, our Courts have even recognised that right to privacy is a constitutional law. You should care about your privacy to prevent unauthorised use of your personal information, identity theft, fraud, spam, financial loss as well as insult on your modesty. All persons, whether laymen, public figures and celebrities have a reasonable expectation of privacy.
It simply means a breach of an individual’s personal information or an invasion of his privacy right through unauthorised use or disclosure of his personal information or private life, which causes distress to him.
You can claim damages for losses suffered and an injunction to prevent further dissemination or publication of your personal information. As for breach of personal data protection law, you can also lodge a complaint with the personal data protection authority for them to take criminal legal action against the infringer.

Under the Personal Data Protection Act 2010, if you are a data user (i.e. someone who processes personal data), you are required to comply with all the following principles:

  • General Principle
  • Notice and Choice Principle
  • Disclosure Principle
  • Security Principle
  • Retention Principle
  • Data Integrity Principle
  • Access Principle

Under the Personal Data Protection Act 2010, if you are a data user (i.e. someone who processes personal data), you are required to comply with all the following principles:

  • Right to be told whether your personal data is processed by an organisation
  • Right to access your personal data
  • Right to rectify your personal data
  • Right to withdraw consent to processing of your personal data
  • Right to prevent processing of your personal data likely to cause damage or distress
  • Right to prevent processing for purposes of direct marketing
We live in a digital world where technology and Internet form part of our life. Technology law basically refers to different statutes and rules that apply to computer and Internet topics, such as hacking, identity theft, false information, confidential information, trade secrets, electronic and digital signatures, personal data protection, communication and multimedia, electronic commerce, etc. These laws exist to protect you in your digital life.
The first thing you should do is immediately limit the thief’s access to your personal accounts, change the password of your bank accounts and cancel your credit cards and ATM cards. You then need to alert the relevant government authorities and seek an advice from a lawyer.
Cybersecurity is the collection of technologies, processes and best practices that give protection of networks, services and devices and the data on them from theft, damage or unauthorised use.
Cyber attack refers to an offensive action (such as authorised access, unapproved changes and malicious destruction) intended to undermine the functions of physical infrastructure (e.g., power grids, nuclear reactors) as well as computational infrastructure (e.g., computers, networks). Examples of cyber attacks include Distributed Denial of Service (DDoS) and Man-in-the-Middle (MITM) attacks.
In Malaysia, we do not have a stand-alone cybersecurity law. We rely on Personal Data Protection Act 2010 to protect our personal data; Computer Crimes Act 1997 to protect unauthorised access to computer material; Penal Code to protect us from fraud; Communications and Multimedia Act 1998 to protect us from anyone who uses application services with the intent to annoy, abuse, threaten or harass at any number or electronic address and use of hardware, software or tools to commit cybercrime. Certain sectors such as banks, capital market service providers as well as critical national information infrastructure have rules and guidelines that spell out minimum baseline obligations on cybersecurity. However, these technology laws do not provide a regulatory framework for the routine and proactive protection of critical national information infrastructure. A stand-alone Cybersecurity Act will enhance the powers to complement the existing technology laws.

Yeow Jie Han, Partner

Corporate Commercial, Intellectual Property & Technology

© 2018 GLT Law – Gan, Lee & Tan. All Rights Reserved.

D-67-2, Block D, 72A, Jalan Prof Diraja Ungku Aziz,
Jaya One, 46200 Petaling Jaya, Selangor, Malaysia.