KUALA LUMPUR, May 23 — Transparency International Malaysia (TI-M) today expressed concern over the alleged data leaks and sale of personal data belonging to Malaysians and urged the government to publicly disclose the results of police investigation into the matter.
In a statement today, TI-M said in a digital age of increasing technological developments, the country must not be complacent towards the growing threat of cybercrimes and the vulnerability of our personal data and privacy.
“Not only is this issue a recurring threat to personal data privacy of all Malaysians, but there seems to be a lack of clarity and eagerness from the government to transparently disclose and discuss the best solution to these data privacy threats.
“Verbal guarantees of the strength of the government agencies’ firewalls will not suffice,” TI-M said. TI-M urged the government to ensure that investigations into such matters remain transparent, allowing Malaysians to know the outcome of investigations.
It also suggested that legislators study what is lacking in existing legislation, leading to solutions that strengthen the existing legal framework surrounding personal data protection.
It then recommended a more robust cybersecurity system be put in place to avoid the recurrence of such data breaches.
TI-M was referring to a report by Lowyat.net which stated that the National Registration Department's (NRD) dataset containing information of all Malaysians born between 1940-2004 was being sold on an online database marketplace forum.
The dataset included the full names, identity card numbers, addresses and photographs of approximately 22.5 million Malaysians, allegedly obtained from the myIDENTITY platform — a data-sharing platform that allows agencies to access personal information via a centralised repository.
Recently, Minister of Home Affairs Datuk Seri Hamzah Zainudin was quoted saying in a news report that 104 agencies have permission to access the platform.
Prior to this, a similar sale of data belonging to four million Malaysians was reported in September of last year.
Hamzah has denied that the recent leak is from the NRD, saying that there are mechanisms in place that have verified the data as not coming from the department.