Malaysian Communication and Multimedia Commission

The Malaysian Communication and Multimedia Commission (MCMC) also known as Suruhanjaya Komunikasi dan Multimedia Malaysia (SKMM) is the regulator for the communication and multimedia industry in Malaysia. The Communication and Multimedia Act 1998 was established. This act intends to implement and promote Malaysian Government's national policy objectives for communication and multimedia sector. Malaysia is a knowledge driven economy, and this legislation helps to govern conduct involving communication and multimedia especially over the internet, broadcasting and telecommunications. In November 2001, when the MCMC was given the additional responsibility of regulating postal and courier services, under the Postal Services Act 1991 (PSA), and certification services, under the Digital Signatures Act 1997 (DSA).

The ultimate aim of the MCMC is to create a globally competitive, efficient and increasingly self-regulated postal, communications and multimedia industry capable of generating growth to meet the socio-economic needs of Malaysia. The MCMC acts as an adviser to the Minister of Energy, Water and Communications on all matters concerning communications and multimedia. As stated in the MCMCA, the MCMC is empowered both to implement and enforce communications and multimedia laws. It also performs the role of a watchdog, in ensuring players in the industry abide by the rules and regulations while at the same time encouraging self-regulation within the industry.

Taking Responsibilty for the Internet

Recently, I read an article written by Eva Yeong on the Sun daily newspaper (www.sundaily.com) entitled Need to enhance IT security, it is a very interesting article regarding the need to make the internet a safer place for the citizens of Malaysia.

Recently, computer & networks security giants 'KASPERSKY' has launched a research center in University of Technology Mara (UiTM). This academical program helps in the exchange of cyber security knowledge and the innovational rising threats that is going on over the internet. People have found new ways of attacking systems. For instance, Kaspersky mentions that malwares are now capable of making money rather than just simple mischief and ATMs are being hit with Trojan viruses and enabling criminals to total access to money. The criminals are getting smarter and find new ways of cracking systems. And thus the Kaspersky Research Center Academy provides a strong base to build a much more secure internet environment. It offers various basic training courses, in depth specialized courses, internship courses and many more.

Launching of the Kaspersky Research Center

Kaspersky says that all these criminal activities is going on due to vast anonymous internet users, he says. "To design a safer e-World we need better Internet regulation, such as Internet Passports for individuals, accreditation for businesses, and temporary storage of necessary requests, whilst there is also a need for what I term an Internet-Interpol

which will see more international police collaboration on cybercrime" Kaspersky encouraged more Malaysians to participate in the programmes offered through the Kaspersky Academy as a starting point to careers in the secure content management solutions industry.

Kaspersky Academy is already running worldwide in many countries and has 20,000 experts and affliated experts to help in the developme

nt of cyber security.

Reference: Need to Enhance IT security by Eva Yeong (http://www.thesundaily.com/article.cfm?id=41174)

Censorship in Malaysia

"In order for us to instil good morals and values in our people, we have to stop importing films that are not appropriate for our country....We imposed the ban after viewing thousands of titles over the last five months." - Shaari Mohamad Noor

"hold on to good values and preserve the family institution" - Tun Dr. Mahathir Mohamad

(http://images.search.yahoo.com/images/view?back=http://images.search.yahoo.com/search/images)

Malaysia is known to have one of the toughest censorship laws. The Film Censorship board of Malaysia which is under the control of Malaysian home office, pay special attention to nudity, sex, profanity, violence and sensitive religious content in films and television production. Censorship can be in books, newspaper, films, internet content, musicians, and content which is pornographic.

According to Wikipedia (www.wikipedia.com), it is said that Malaysia has quiet a reasonable level of freedom of speech. Malaysia was graded 4 points out of 7, with 1 being most free and 1 having the least freedom. Malaysia was also ranked 124th in World Wide Press Freedom index by the Reporters Without Borders. Although Malaysia has a flexible levels of freedom of speech its censorship board is strong.

Banned Products

Movies such as Zoolander (2001) is banned because of a plot line in which an assassination attempt is made on the Malaysian prime minister.

The Prince of Egypt (1998) was initially banned so as not to offend the country's majority Muslim population. The reason given by chairman of the Film Censorship Board was: "We found it insensitive for religious and moral reasons. Because of the many races in Malaysia, religion is a very sensitive issue." It was passed for VCD and DVD release by Berjaya HVN

Many books such as the indonesian version of Charles Darwin's origin of Species, the Iban bible, The Vagina Monologues, and many more are banned for sale and distribution in Malaysia. You will be able to find a list of vast banned items on wikipedia.

It has also come to concern that strict censorship laws should be applied on the internet. According to Wikipedia Encyclopedia. Deputy Science and Technology Minister Kong Cho Ha has announced that all Malaysian news blogs will have to be register with the Ministry of Information. He justified this by stating the law was necessary to dissuade bloggers from promoting disorder in Malaysia’s multi-ethnic society.

Reference (www.wikipedia.com)

My Poster

This is my poster to create awareness for Cyber crime.

"it's against the law"

The sources of the original pictures are from google's image gallery.

Tutorial question 2

Q. Meera has been receiving emails from travel companies that keep offering her holiday packages to various places in the world She replied to the senders to stop emailing her, but only to find that the emails keep coming and flooding her inbox. She came to you to on the legal aspects that may arise out of this practise by the travel company. Advise her on both criminal and data protection aspects.

A.Meera could charge the company under Communications & Multimedia Act 1998. If the company is found guilty. Than the company can pay a fine up to RM 50,000. There are no personal data protection (PDP) laws still available in Malaysia.

Tutorial question 1

Andrew is a computer science student attached with Microhard Corporation in Cyberjaya as a practical trainee. One day he managed to crack the company’s information system but did not do anything afterwards. The following day he also managed to intrude into Microhard’s Corporation’s website system and then posted his picture in the front page of the website and left his mobile number below his picture hoping that someone will call him and make friends. Subsequently his phone rang, but unfortunately it was his training manager who called and later warned him that actions will be taken. Upon investigation, it wad also revealed that Andrew had previously leaked the company’s system access code to his friends at University, to who he also sent emails telling bad things about his manager. Advise Microhard Corporation on various potential liabilities of Andrew from the above incidents, with reference to various cybercrimes laws applicable in Malaysia.

Under the Computer Crimes Act 1997 and Communications & Multimedia Act 1998, a few charges could be faced by Andrew. And these charges are:

1. "One day he managed to crack the company's information system but did not do anything"

Andrew can be charged under CCA s.3(1) which falls under unauthorized access to computer, computer system & computer network (intrusion) which the punishment could be a fine up to RM 50000 or up to 5 years imprisonment or both.

2. "Andrew intrude into his company’s website system" again for the second time.

Andrew can be charged under CCA s.3 (1) which falls under intrusion win which the punishment could be a fine up to RM 50000 or up to 5 years imprisonment or both.

3. "Andrew posted his picture on the front page of the website and left his mobile number below his picture so that someone will call him & make friends."

Andrew can be charged under CCA s.5 (1) regarding unauthorized alteration, amendment & modification of data CCA s.5 (1) which falls under unauthorized alteration, amendment & modification of data. And the punishment could be a fine up to RM 100000 or up to 7 years imprisonment or both.

4. "Andrew leaked the company’s system access code to his friends at University."

Andrew can be charged against CCA s.6(1) which covers unauthorized communication of passwords in which the punishment will be fined up to RM 25000 or up to 3 years imprisonment or both.

5. "Andrew sent e-mails telling bad things about his manager."

Andrew can be presed charges under the Communication & Multimedia Act 1998 (CMA) s.211 which regards e-mail with false spreading and e-mail with hatred and abusive content in which the punishment will be fined up to RM 50000 or up to 1 year imprisonment or both.

Computer Crimes Act 1997

In 1997, Malaysia adopted the Computer Crimes Act 1997. This act is similar to United State's Computer Fraud and Abuse Act 1986, United Kingdom's Computer Misuse Act 1990 and Singapore's Computer Misuse Act 1993. These laws govern the conduct of use of computers, internet and network usage and protect the consumers from intrunsion, fraud, deception and theft within the on-line community. Computers are defined more deeply under the section 2, and refereed to as any device of interelated electronical and mechanical system enable to process data, calculate mathematical functions, store data, communicate data and display data. These do not include type writers and calculators. And networks are defined as "the interconnection of communication lines and circuits with computer or a complex consisting of two or more interconnected computers"

Under the CCA 1997 certain rules with penalty is enforceable in Malasyia.

Section 3 of the CCA 1997 is regarding the unathorized access to computer materials.

Section 4 of the CCA 1997 is regardin the unathorized access with the intent to commit or facilitate commission of further offence.

Section 5 of the CCA is regarding the unauthorized modification of the contents of any computer.

Section 6 regards the wrongful communication.

Section 7 Abetments and attempts punishable as offences.

Section 8 Presumption

The penalty could be a fine of up to RM 50,000 depending on the conduct of crime or could be imprisoned up to 10 years or even both.

Using digital signatures

Digital signature has become a way to authenticate the identity of a sender and to ensure that the original message or document is not tempered. It is a technological scheme that ensures the authenticity of digital messages and documents. It ensures the receiver that it was sent by the original creater of the message and it was not tampered by any other party during the transmission.

How it works:

The document is first converted by a software into a mathematical hash (a encrypted format of the message) and a private key is used to seal this encrypted message. When the sender receives the message, it will use a public key which was generated by the private key to decrypt the message hash to the valid message. The technicality of this is more complicated, but it is very important for financial data to be secured when being shipped away. Banks use this technological system to secure 24 hour transactions of financial data across the world. Digital signatures can be used to secure internal communication between banks across the nation.

image: Source (http://www.digitalsignature.in/digital-signature-pic.jpg)

Protection in the Cyber world

Now a days, vast amounts of information of internet users are gathered by corporate websites and their databases. Information such as name, address, contact numbers, mothers maiden name, financial information and other sensitive information is being accumulated by corporate entities to conduct their business operations in the Cyber world.

Now, these corporations such as private companies, banks and insurance companies hold very sensitive data of people. And as internet users are the primary stakeholders in this Cyber world, they should be aware of the many issues going on in. There are vast databases maintained by these entities which includes passwords to financial accounts or other accounts accessible to vital resources. In an article "Beware on inside job" written by Tan Weizhen of the Singapore Straits Times says that Singapore criminal activities on personal data is growing, especially in the financial sector. He further explains that investigations show that a lot of inside jobs are going on to create internally perpetrated fraud. Employees within the entity are stealing sensitive data for means of deceiving their customers. It was reported that 43% of the complaints was from the financial sector, other sectors included government agencies, energy sectors, manufacturing, retailing and technology sectors.

And Malaysia also has similar figures, and equally growing amounts of reports on personal data fraud schemes. And large corporations must ensure that these personal information is protected. Malaysia is still very new to the issue of digital protection, and the parliment is in the process of establishing Personal Data Protection (PDP) Bill and the 1st complete draft is available on the Malaysian parliment website. Basically what this bill states is the regulation of the data and how data should be kept confidential and private.

To sumerize in breif, the PDP bill contains 9 elements/principles governing how data should be collected, organized and handled with.

1. Personal data shall be collected fairly and lawfully

2. The purpose of collection of data must be stated

3. Use of personal data must be stated

4. Discloser of personal data shall be limited

5. Accuracy of personal data must be ensured

6. Retention of personal data- data kept only for a particular purpose and no other than that.

7. Access to and correction of personal data

8. Security of personal data

9. Information to be generally available

This PDP bill not only tries to protect the users, but provides a legal framework for entities to follow. Regarding the case in Singapore, these entities in the overall economy must take measures to digitally, electronically and physically secure personal data.

National Conference on PDP Law '09

(Source: www.pdpconsulting.com.my/.../2009/10/pdp_1.jpg)

For more further reading, check out my reference links, its just a google away!!. . .

Reference :

Personal Data Protection (PDP) Bill 2009, Sonny Zulhuda on December 5, 2009

Beware inside jobs, By Tan Weizhen. Singapore Straits times Dec 9 2009.

http://www.parlimen.gov.my/billindexbi/pdf/DR352009E.pdf

Hacking through an iphone

Recently the Dutch government has identified a group of cyber criminals operating through "cracked" iphones. Cracked Iphones, also known as "jailbroke" iphones, are iphones which are hacked so that other applications and programs could run on an iphone and not just the authorized ones. What the Dutch government has found are hackers operating by sending viruses to these jailbroken iphones and taking controls of network connections. This virus is known as the Duh worm, when an iphone user tries to access a bank website to make transactions, a phony website similar to those genuine websites appear and acquire user's details. iphone users are not to jailbrake their devices, "these hacks not only violate the warranty, they will also cause the iphone to become unstable and not work reliably"- Apple spokeswoman Natalie Harrison. Users of iphone must preserve its original system and not crack it for safety reasons. Its security risks are greater than its benefits.

(reference:http://www.themalaysianinsider.com/index.php/business/44397-jail-broken-iphones-hacked-by-new-virus)

The art of Phishing.

In the cyber world, phishing has become one of the famous methods of conducting crime. Phishing is referred as a form of crime to acquire sensitive personal information such as full name, age, address, credit card details and even pull it off by asking them directly for their password by pretending to be who they claim to be. Its a piece of cake for some people out there in the world of digital trade. Talented youngsters mostly responsible for creating fake websites pretending to be HSBC, alerts you that there is in need of "update" if not, your account shall be "terminated", one might easily fall prey due to the fact that the website is so perfectly designed to replicate as HSBC or any other entity.

The victim might be asked to fill out a form regarding information likned with banking details, the perfect combination needed to withdraw money from an account. As the victim clicks the enter/submit button, the data goes straight to the these cyber geek youngster sitting in front of their computers on the other side of the country. Phishing is a form of crime to steal personal data over the internet. Phishing can come in forms of emails, with a given link to connect too. There have been many cases of phishing where victims have easily fallen prey and have lost lot of money.

(source: http://static.howstuffworks.com/gif/phishing-6.jpg)

Above is a sample of phishing through an email message. Ounce these cyber geniuses get the personal data, they can have direct access to one's financial pot and could drain out their victims.

(yet to be updated)

Internet Contract Law?

What is a contract Law? What is a contract? A contract is any agreement between two or more parties. And a contract law is the formal agreement between these two or more parties and tends to make any agreement amongst parties legal. A contract law can cover many aspects such as a sale of certain goods such as properties, rent or hire purchases of certain goods and services such as renting an apartment or buying a car from the bank, contracts of employment, and many more. The purpose of a contract law is to insure that both parties complies to the agreement made, if any of these parties does not comply to the contract agreement, the other party is liable to take action by reporting to the courts and either force the defaulting party to carry out is promise or demand compensation in the form of damages. For example, a person can be agreed upon a contract when renting an apartment, the owner and the tenant shall sign upon a legal document, with stated terms & conditions, if any of these terms are broken by any of the parties, than the other party can take him to court for legal action. In other words the contract law creates a legal binding promise between the parties involved. It is a form of protecting each other from damages that might occur due to unethical practices. A contract law consists of elements such as offer & acceptance, Intentions to create Legal Relations, considerations, certainty, legality, legal capacity and free consent.

Let us examine contracts in regards with e-transactions. There are certain legal framework presented in the electronic commerce section. It has become a global trend to shop online, and the question, is an internet contract enforceable? Author Jonathan Frieden answers this question in his article, "Is an internet contract enforcebale?". According to him, "Though the Internet is fairly new, the enforceability of Internet contracts is governed by the well-established legal principles which apply to traditional written contracts. To form an enforceable contract, two or more parties must mutually assent to the terms of the contract and the contract itself must be supported by some consideration."

He says that this contract law over the internet is divided into 3 categories, and each being treated differently by the courts. The first category, shrink-wrap agreements, are agreements named for the license agreements contained in the packaging of commercial software products. Online, these contracts provide notice that continued use of the site will constitute the user's agreement to the site's terms and conditions. If proper written agreements are present to the website user, than only is this enforceable by law. The second category is click-wrap agreements, many commercial websites offer a terms and conditions notice to users before they purchase any product or service, by approving this terms & conditions, one is binded into the stated agreements. And under this condition does the traditional contract law principles apply. The last category is the is the browse-wrap agreements, these are terms & conditions which are purport to bind any user visit to the website. And by visiting this website, one is already binded with the browse-wrap agreements and does require further approval from the user.

Although these laws are present, author Jonathan Frieden says that "subject to traditional contract principles, click-wrap agreements are generally enforceable and browse-wrap agreements are very difficult to enforce. Shrink-wrap agreements lie somewhere in between, though recent case law supports their enforceability." A proper legal framework over the internet is yet absent in many countries and governments, businesses and consumers must be careful.

Jonathan Frieden

(reference: Is an internet contract enforceable? by Jonathan Frieden)

E-commerce: International Legal Framework

E-commerce is the new trend, in which business modules operate electronically over the Internet. Any transaction over the internet whether by an individual or by an organization is known as e-commerce. Shopping online from amazon.com is a form of e-commerce or buying travel tickets from airasia.com is also an e-commerce. E-commerce has grown substantially in the past decade, eliminating the traditional brick and mortar and thus has created convinience. Customers can survey and purchase their products from their own home at any time. It also eliminates intermediaries and also creates efficiency and pushes down costs. There are various forms of e-commerce such as B2B (business to business), B2C (business to consumers) and many more, we shall not go in too deep.

In an electronic market, consumers must be very carefull since they may become victims of unfair marketing practices. Consumers must be aware fraud, deception, misuse of personal information, insufficient disclosure of information such as refund policies, cyber crimes, contract terms and many more. There are numerous international e-commerce laws present to help protect the customers. Not only does it protect customers but also protects businesses and provides guidelines for companies/individuals setting up e-commerce sites. Let us examine two international legal framework targeted towards e-commerce.

OECD Guidelines for Consumer Protection in the Context of Electronic Commerce (1999) is a framework created to protect online consumers and eliminate certain uncertainties that consumers and businesses may incur. These guidelines are created to help governments, businesses and consumer representatives to develop, implement and maintain an online protection system. These guidelines established by OECD represents the existing legal protection available to both consumers and business and promotes fair business practices, advertising and marketing practices; clear information about an online business's identity, the goods or services it offers and the terms and conditions of any transaction; a transparent process for the confirmation of transactions; secure payment mechanisms; fair, timely and affordable dispute resolution and redress; privacy protection; and consumer and business education. This framework can be downloadable in many various languages and is an internationally recognized framework.

Another internationally recognized framework is the APEC BLUEPRINT FOR ACTION ON ELECTRONIC COMMERCE which provides the development and use of electronic commerce by creating legal, regulatory and policy environments in the Asia Pacific (APEC) region which are transparent, clear and well defined. This framework is to ensure e-business are operating at the proper standard and that governments and businesses should work together closely in order to regulate. Below is a fraction of the agreement under the APEC BLUEPRINT FOR ACTION ON ELECTRONIC COMMERCE retrieved from the Internet.

" The role of governments is to promote and facilitate the development and uptake of electronic commerce by :

• Providing a favourable environment, including the legal and regulatory aspects, which is predictable, transparent and consistent
  
  
• Providing an environment which promotes trust and confidence among electronic commerce participants
  
  
• Promoting the efficient functioning of electronic commerce internationally by aiming, wherever possible, to develop domestic frameworks which are compatible with evolving international norms and practices, and
  
  
• Becoming a leading-edge user in order to catalyse and encourage greater use of electronic means
  
  

For electronic commerce to flourish, business and government should cooperate wherever possible to ensure the development of affordable, accessible and interoperable communication and information infrastructure.

Government and business should co-operate to develop and implement technologies and policies, which build trust and confidence in safe, secure and reliable communication, information and delivery systems, and which address issues including privacy, authentication and consumer protection."

(source:http://www.apec.org/apec/leaders__declarations/1998/apec_blueprint_for.html)

The Legal System in Malaysia: Its evolution

The current Malaysian law has evolved in 3 major eras of time. Laws were already introduced during the era of the Melaka Sultanate at the beginning of the 15th century. At that time, Melaka was already a busy trading spot, and the maintainance of law and order was crucial in the country. The second era which shaped the Malaysian legal system is the spread if Islam in Malaysia. And lastly is due to the colonial rule by the British in the 1790's, this brought out the

constitutional government and the common law system which we see today.

After the independence in 1957, most of the laws of England were imported and either made into local constitution or simply applied as case laws. Malaysian law is also based on other laws of other countries such as Australia and India. The criminal law of Malaysia, the Criminal Procedure Code is based on the Indian criminal code. Similarly, the Contracts Act is based on the Indian model as well. Malaysian land law is based on the Australian Torrens system.

The Constitution of Malaysia, is the supreme law of the land and sets the legal framework and rights of Malaysian citizens. Federal laws enacted by the Parliament of Malaysia which applies throughout the country. There are also state laws enacted by the State Legislative Assemblies which applies in the particular state. The constitution of Malaysia also provides a unique dual justice system—the secular laws (criminal and civil) and Syariah laws. The Consitution also defines their government and monarch and their powers

Malaysia has a dual justice system, The dual system of law is provided in Article 121(1A) of the Constitution of Malaysia. The federal constitution imposes Islamic Law to Muslilms in the country. Islamic laws are known shariah (syariah) laws and its court known as the syaria court. Islamic laws is only limited to Muslims, although it plays a small role in defining the laws of the country, Islamic laws plays in important role in personal matters such as marriage, inheritance and apostasy. Islamic laws are also state laws which are carried out dualy. An example of the dual system is, in Malaysia night clubs, bars and pubs could be raided under the syariah court and Muslims caught drinking and wearing clothes that exploit would be sent to the syariah court of justice. On the other hand non-muslims are allowed to drink and the syariah law does not apply to them.

Fedral laws are made by the parliment of Malaysia. State laws are created by the state legislative assembly and apply to particular states. Laws in Malaysia can be broken down into two types of laws, written and non-written. Written laws are those which has been layed out by the constitution and the parliment. Unwritten laws are laws which are not contained in any statutes and can be found in case decisions. This is known as the common law or case law. In situations where there is no law governing a particular circumstance, Malaysian case law may apply. If there is no Malaysian case law, English case law can be applied. Apart from English laws Australian, Indian, and Singaporean cases are used as persuasive authorities.

(blog yet to be updated)

Introduction to Law: The presence of Law in this World.

A law, basically is referred to any set of uniform principles such as, laws of science, laws of economics, laws of nature, laws of attraction and many more. All these laws explain a basic uniform principle to support certain theories. And thus, laws associated with the society, refers to law as a system of rules, usually enforced through a set of institutions. It shapes politics, economics and society in numerous ways and serves as an important social mediator of relations between people.

The purpose of law in the society is too regualte and control behavoiur, so that people follow ethical codes and standards. Each and every country have laws of their own, laws may differ from country to country, city to city, and even neighborhood to neighborhood.

Laws are created to govern people, so that people do not conduct anything inappropriate within their society. A law consists of rules, sovereignty and enforcing power, it also includes punishment if necessary. For example, many countries may impose laws such as driving with your seat belt in place. And the punishment by law can be a fined for a few dollars or even be jailed, some countries are very strict on this matter. Law can be categorized into two, Public Laws and Private Laws. Public law is a theory of law governing the relationship between individuals (citizens, companies ) and the state. Public law deals with law involving the state, which includes regulatory statutes, penal law and other law of public order. Constitutional laws, administrative laws and criminal laws are sub-divisions of public law. Acts such as theft, murder, fraud and driving under the influence of alchohol are examples of public law. The police are constantly engaging on enforcing public law.

Private law also known as Civil law, is that part of a legal system that involves relationships between individuals/parties. This includes the law of contracts, torts, the law of obligations, property law and such. In general, private law is the area of law in a society that affects the relationships between individuals or groups without the intervention of the state or government. Usually private laws are handled by lawyers and may take time to proceed.

Basically the law is there to defend and protect the people from bad things that may happen. It is there to provide equality in times of dispute. It should be designed in a way so that the citizens of a nation are safe.

After understanding what law is, and the two categorize of law, it is important to study into who creates the law, who imposes it and how it works. Through out my blog, I shall discuss on Malaysia, as the country of reference/study and will try to differentiate with laws present in other countries, such as Indonesia and other countries of the European region. Since certain laws of Malaysia may not be similar of other countries. A simple example is Holland, it is not illegal to possess marijuana of no more than 3 grams. Yet, it would be a crime if a person driving is under the influence of marijuana. Citizens of Holland are allowed to smoke marijuana in specialized local coffee houses, but in other countries such as Malaysia and Indonesia, its is illegal to posses and smoke marijuana and is a serious crime.

In Indonesia, it is illegal for a motorcyclist to ride on the highway, but in Malaysia, motorcyclist's are allowed on the speeding highway. Laws differ from place to place, this is usually to the difference in perception of certain things amongst the people.