Akta Perlindungan Data Peribadi | Personal Data Protection Act 2010 [Act 709]

Yes, finally this act will come into force on Jan 1, 2013. (*Ralat..sehingga 20 September 2013, Akta ini masih belum dikuatkuasa)

Under the Act, “personal data” means “any information in respect of commercial transactions, which —

(a) is being processed wholly or partly by means of equipment operating automatically in response to instructions given for that purpose;

(b) is recorded with the intention that it should wholly or partly be processed by means of such equipment; or

(c) is recorded as part of a relevant filing system or with the intention that it should form part of relevant filing system, that relates directly or indirectly to a data subject, who is identified or indentifiable from that information or from that and other information in the any sensitive personal data and expression of opinion about the data subject; …”. (section 4 of PDPA)

Maknanya.. semasa kita mengisi borang atau apply loan kereta, credit card etc, pelbagai data peribadi kita telah diisikan. Jika masa sekarang, kita sering menerima random calls dari insurance agent, credit card service offer pelbagai services and product without our concerns. Di manakah data kita telah mereka perolehi? Siapakah pihak ketiga itu? Tiada siapa dapat membantu hanya diri kita saja dengan berkata “saya tidak berminat” atau bermacam-macam lagi alasan bukan?

Yes, dengan berkuatkuasanya Akta ini, maka mereka yang menggunakan data peribadi kita tanpa kebenaran boleh lah dikenakan tindakan undang-undang, nak tahu apakah tindakan itu?

The penalties for breaching the PDPA include the imposition of fines of up to RM500,000 and/or a term of imprisonment not exceeding two years. Directors, CEOs, COOS, managers or other similar officers have joint and several liability for non-compliance by the body corporate, subject to the due diligence defence. The Commissioner is not empowered to order compensation for damage suffered, and there is no express right to pursue a civil claim for non-compliance.

Ha lihat kuasa di tangan kita untuk menjaga data kita.

 The key objective of the legislation is to regulate the processing of personal data in the context of commercial transactions by data users, and to safeguard the interests of data subjects.

 The PDPA seeks to achieve this through the following seven principles:

  • General Principle
  • Notice and Choice Principle
  • Disclosure Principle
  • Security Principle
  • Retention Principle
  • Data Integrity Principle
  • Access Principle

The principles will provide protection to the individual’s personal data, thereby safeguarding the interests of consumers, and e-commerce, network and non-network facility practitioners.

Mengikut Seksyen 10 Akta ini;

Prinsip Penyimpanan

10.
(1) Data peribadi yang diproses bagi apa-apa maksud tidak boleh disimpan lebih lama daripada yang diperlukan bagi memenuhi maksud itu.
(2) Menjadi kewajipan seorang pengguna data untuk mengambil segala langkah yang munasabah untuk memastikan bahawa segala data peribadi dimusnahkan atau dipadamkan secara kekal jika data peribadi itu tidak lagi dikehendaki bagi maksud yang baginya data peribadi itu hendak proses.

Maknanya, data kita tidak boleh disimpan dan digunapakai untuk tujuan lain, selain dari tujuan yg kita inginkan.

So anda semua, ingat. Kuasa di tangan kita!

To read more on PDPA click this link PDPA

Share This Post

Comments are closed.