Now a days, vast amounts of information of internet users are gathered by corporate websites and their databases. Information such as name, address, contact numbers, mothers maiden name, financial information and other sensitive information is being accumulated by corporate entities to conduct their business operations in the Cyber world.
Now, these corporations such as private companies, banks and insurance companies hold very sensitive data of people. And as internet users are the primary stakeholders in this Cyber world, they should be aware of the many issues going on in. There are vast databases maintained by these entities which includes passwords to financial accounts or other accounts accessible to vital resources. In an article "Beware on inside job" written by Tan Weizhen of the Singapore Straits Times says that Singapore criminal activities on personal data is growing, especially in the financial sector. He further explains that investigations show that a lot of inside jobs are going on to create internally perpetrated fraud. Employees within the entity are stealing sensitive data for means of deceiving their customers. It was reported that 43% of the complaints was from the financial sector, other sectors included government agencies, energy sectors, manufacturing, retailing and technology sectors.
And Malaysia also has similar figures, and equally growing amounts of reports on personal data fraud schemes. And large corporations must ensure that these personal information is protected. Malaysia is still very new to the issue of digital protection, and the parliment is in the process of establishing Personal Data Protection (PDP) Bill and the 1st complete draft is available on the Malaysian parliment website. Basically what this bill states is the regulation of the data and how data should be kept confidential and private.
To sumerize in breif, the PDP bill contains 9 elements/principles governing how data should be collected, organized and handled with.
1. Personal data shall be collected fairly and lawfully
2. The purpose of collection of data must be stated
3. Use of personal data must be stated
4. Discloser of personal data shall be limited
5. Accuracy of personal data must be ensured
6. Retention of personal data- data kept only for a particular purpose and no other than that.
7. Access to and correction of personal data
8. Security of personal data
9. Information to be generally available
This PDP bill not only tries to protect the users, but provides a legal framework for entities to follow. Regarding the case in Singapore, these entities in the overall economy must take measures to digitally, electronically and physically secure personal data.
National Conference on PDP Law '09
(Source: www.pdpconsulting.com.my/.../2009/10/pdp_1.jpg)
For more further reading, check out my reference links, its just a google away!!. . .
Reference :
Personal Data Protection (PDP) Bill 2009, Sonny Zulhuda on December 5, 2009
Beware inside jobs, By Tan Weizhen. Singapore Straits times Dec 9 2009.
http://www.parlimen.gov.my/billindexbi/pdf/DR352009E.pdf
No comments:
Post a Comment