KUALA LUMPUR, Jan 4 — Lawyers for Liberty (LFL) today alleged that the rolling out of Padu, the government's newly-launched central database hub, risks exposing sensitive information but gives the public no legal redress to seek damages if their personal data are leaked or stolen.
The group claimed government agencies ARE protected from legal action if data from Padu is leaked or stolen based on a provision under section 3(1) of the Personal Data Protection Act 2010 (PDPA) that appears to exempt the government from its application.
"Whilst there are valid reasons advanced why this initiative is necessary, there are legitimate and serious concerns regarding the protection and security of the data collected,” said Zaid Malek, LFL director.
"As it stands...the data collected by PADU can be disseminated or used by the government beyond its declared purpose of targeted subsidies. There have been cases of misuse of data by the government before where personal data were used to disseminate propaganda by way of SMS to the public.”
Padu was launched on Tuesday amid fanfare with the Anwar government touting it as a "game-changer” that would plug billions of ringgit in subsidy leakages that often end up with the upper middle class and the rich, but users immediately found serious problems with the platform that went live shortly after the launch.
LFL alleged the government has a bad track record of data protection. In the past, there have been numerous reports of data being stolen from multiple government agencies, exposing users to scams and data fraud with no legal recourse as the government is exempt from liability under the PDPA.
"This puts the public at a terrible disadvantage and in danger of loss and damage,” the group said.
Zaid added it would be a "massive betrayal of trust should data collected from the public be used by the government for any political purposes.”
LFL said it echoes calls for Padu to be temporarily suspended until the government addresses all security loopholes, including making amendments to the PDPA so the public could hold the government accountable in the event a data breach happens.
Zaid said it was "strange” that the government had rolled out the platform without tightening necessary laws to beef up personal data protection.
"Without the amendments being made before the launch of Padu, the public cannot be assured that their data will be protected from misuse by the government or scammers and unscrupulous individuals who will undoubtedly target the massive database,” it said.
"This type of criminality is notoriously widespread now and has become regional.”
You May Also Like