Nation

Amendment to Personal Data Protection (PDP) Act 2010 tabled for first reading

KUALA LUMPUR: The amendment to the Personal Data Protection (PDP) Act 2010, which aimed at improving provisions relating to the processing of personal data to be in line with international standards and practices, has been tabled for the first reading in Dewan Rakyat, today. 

The bill, which was tabled by Digital Minister Gobind Singh Deo, will also be tabled for the second reading in the same session. 

According to the blue book circulated in Parliament, the Act will see an amendment to Section 129 to provide that a data controller may transfer any personal data of a data subject to any place outside Malaysia if there is in that place in force any law which is substantially similar to the Act. 

Alternatively, the place must ensure an adequate level of protection in relation to the processing of personal data which is at least equivalent to the level of protection afforded by the Act. 

This is as section 129 currently requires that personal data may only be transferred to a place outside Malaysia as specified in the notification published in the gazette.

Meanwhile, a new proposed section 12a will require a data controller to appoint one or more data protection officers. 

"A proposed new section 12b will also be included to provide for the procedure relating to data breach notification," it said.

The bill will also amend Section 21 of the Act to enable the commissioner to designate not only a body but also a data controller as a data controller forum in respect of a specific class of data controllers.

It also sought to introduce a new section into the Act to provide for the rights of a data subject to data portability subject to technical feasibility and compatibility of the data format.

Last week, Gobind in a statement said the cabinet had approved the proposed amendments to PDP Act and the amendment will be tabled in the current Parliament session. 

He said the amendments were significant to ensure that Malaysia's personal data protection legislation aligned with the global standards, changes and legal developments. 

He also highlighted that the key proposals for the amendment of the Act included mandatory notification of personal data breaches, additional compliance responsibilities for data processors and the appointment of Data Protection Officers.

Most Popular
Related Article
Says Stories