scholarly journals Digital Tracing and Malaysia's Personal Data Protection Act 2010 amid the Covid-19 Pandemic

2021 ◽  
Vol 1 (1) ◽  
pp. 47-62
Author(s):  
Olivia Tan Swee Leng ◽  
Rossanne Gale Vergara ◽  
Shereen Khan
Keyword(s):  
Data Protection ◽  
Mobile Applications ◽  
Personal Information ◽  
Effective Means ◽  
Personal Data ◽  
Third Party ◽  
Contact Tracing ◽  
State Agencies ◽  
Personal Data Protection ◽  
And Control

Digital tracing is a proven effective means for the Malaysian government to trace and control the spread of COVID-19. However, the process of tracing and tracking in order to manage the spread of the pandemic have in many ways compromised personal information to third party applications. Malaysia is not the only country that uses digital tracing to manage the spread of the pandemic. Various countries have chosen different methods for digital contact tracing to manage the spread of COVID-19 and some are less respectful of privacy than others. This paper analyses Malaysia’s Personal Data Protection Act 2010 (PDPA) and its effectiveness in protecting personal data during the pandemic as Malaysians continue to utilise the contact tracing mobile applications such as MySejahtera and SELangkah. The researchers applied doctrinal research method and analysed the current Malaysian legislation on data protection. It should be noted that the PDPA does not apply in the case of government collection and would not require federal and state agencies to be transparent in their data management.

scholarly journals Addressing Anticompetitive Data Aggregation: a Comment to Bundeskartellamt Decision B6-22/16

2019 ◽  
Vol 12 (19) ◽  
pp. 139-171
Author(s):  
Laura Skopowska
Keyword(s):  
Data Protection ◽  
Mobile Applications ◽  
Data Aggregation ◽  
Personal Data ◽  
Third Party ◽  
Competition Authority ◽  
German Market ◽  
Dominant Position ◽  
Combining Data ◽  
Barrier To Entry

Data aggregation, understood as the process of gathering and combining data in order to prepare datasets that might be useful for specific business or other purposes, is not per se forbidden. However, some forms of it can be considered anticompetitive. In the Decision B6-22/16 of the German Federal Cartel Office (Bundeskartellamt) data aggregation, which included the collection of data from sources outside of Facebook’s social network (from Facebook-owned services such as WhatsApp and Instagram and from third party websites or mobile applications) and their combination with the information connected with a particular Facebook user account without that user’s consent, constituted an abuse of Facebook’s dominant position on the German market for social networks. The Bundeskartellamt found that the processing of user’s personal data by Facebook has, to some extent, been carried out in a way which infringed GDPR provisions. In the same decision, the Bundeskartellamt also identified the exclusionary nature of Facebook’s anticompetitive behaviour. According to the Bundeskartellamt, the illegal data aggregation formed a barrier to entry for Facebook’s competitors which, through compliance with data protection standards, found themselves in a worst position. Facebook, through its inappropriate data aggregation gained a competitive advantage. The Bundeskartellamt’s decision is, therefore, reflecting the anticompetitive dangers that data aggregation might pose. Nevertheless, it is debated whether the Bundeskartellamt, as a competition authority, is competent to determine the compliance or lack of compliance of business terms with the provisions of the GDPR. This paper analyzes the Bundeskartellamt’s decision as to where an anticompetitive nature of data processing has been identified, and tries to answer the question why it is problematic that it was the Bundeskartellamt and not a data protection supervisory authority that has issued such a decision.

scholarly journals THE EFFECTIVENESS OF THE MINISTER OF COMMUNICATION AND INFORMATICS REGULATION NUMBER 20 OF 2016 ON THE PROTECTION OF PERSONAL DATA IN ELECTRONIC SYSTEMS

2019 ◽  
Vol 8 (1) ◽  
pp. 119
Author(s):  
Fadhilah Pijar Ash Shiddiq ◽  
Sinta Dewi Rosadi ◽  
Rika Ratna Permata
Keyword(s):  
International Law ◽  
Data Protection ◽  
Personal Data ◽  
Information Privacy ◽  
Third Party ◽  
Electronic Systems ◽  
Personal Data Protection ◽  
Positive Law ◽  
Sim Card ◽  
The Right

<p>Privacy, as a part of Human Rights, is the right of freedom of private matters. The basic concept of privacy is “the right to be let alone” which state that every individual have the right to have his own solitude without intervention. One of the most important information which also can be associated with Information Privacy is Personal Data that shall be protected as a form of protection to the privacy itself. Some of the personal data has been used as the requirements of the SIM Card Registration, thus making new problems regarding its personal data protection since the comprehensive regulation still covered only by the Ministral Regulation. Research method used in this paper is Descriptive Analytic in which the writer analyze the research object by explaining the situation and the condition of the personal data protection obtained from literatures on the facts that can be associated with the implementation of SIM Card Registration Policy according to Indonesia’s Positive Law and International Law. According to the result of the study, the Ministral Regulation already covered most of the basic data protection needed in the SIM card registration policy, however the protection provided by the Ministral Regulation still has not covered the third party involved. The Involvement of this third party is inevitable and should be protected immediatelyin order to prevent any abuse of personal data.</p>

scholarly journals Personal Data Security in South Africa’s Financial Services Market: The Protection of Personal Information Act 4 of 2013 and the European Union General Data Protection Regulation Compared

2021 ◽  
Vol 24 ◽  
pp. 1-32
Author(s):  
Tapiwa V Warikandwa
Keyword(s):  
European Union ◽  
Data Protection ◽  
Financial Services ◽  
Personal Information ◽  
Personal Data ◽  
African Countries ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
General Data ◽  
Laws And Regulations

The contemporary global financial services market has witnessed a substantial increase in cybercrime which places consumers’ personal data at risk. Rapid increases in cybercrime linked to the financial services market have driven financial market regulators to pass novel laws and regulations aimed at curbing the rate of occurrence of cybercrimes connected to personal data sharing. To that end, banks and/or financial services companies in Europe have swiftly moved to comply with the European Union’s General Data Protection Regulation. Whilst personal data protection regulation is not a new concept in Europe, most African countries (with exception of South Africa) do not have laws and regulations on personal data protection. With the financial services market being extremely vulnerable to cyber risks owing to the digitisation of the financial services sector, it is important to assess the suitability of South Africa’s current regulatory framework concerning the protection of personal data. This article thus examines South Africa’s Protection of Personal Information Act 4 of 2013 with a view to ascertaining its suitability and/or adequacy in protecting personal data in the country’s financial services market. With the global Covid-19 pandemic bringing about concerns related to rapid increases in cyber-attacks in the financial services market owing to the increased sharing of the sensitive personal data of consumers, there is also need to test the POPIA’s conformity with the strict European Union GDPR personal data protection guidelines.

scholarly journals Risk Analysis and Control of Personal Data Protection in the Population Administration Information System

2019 ◽  
Vol 3 (3) ◽  
pp. 496-504
Author(s):  
Iqbal Santosa ◽  
Raras Yusvinindya
Keyword(s):  
Risk Analysis ◽  
Data Protection ◽  
Personal Data ◽  
Legal Protection ◽  
Primary Data ◽  
Risk Level ◽  
Public Attention ◽  
Personal Data Protection ◽  
Risk Management Process ◽  
And Control

Sistem Informasi Administrasi Kependudukan (SIAK) is an application used in managing personal data of residents in all cities/districts in Indonesia. Personal data becomes the public attention because if it is not managed properly it will have an impact on one's legal protection and non-compliance with regulations, i.e. Permenkominfo Nomor 20 tahun 2016 about Protection of Personal Data in the Electronic System. Risk analysis and control of personal data protection on SIAK applications are needed so that the personal data management can be carried out properly and comply with regulatory requirements. Data collected for this study are primary data, sourced from direct observations on the application, interview about assets related to SIAK along with possible risks, and also internal organizations documents. Data analysis was performed with a risk analysis using the ISO 31000: 2018 risk management process approach, where the identification of relevant risks refers to the Generic Risk Scenarios COBIT 5 For Risk, and the determination of relevant controls refers to the Department of Defense Instruction 8500.2 and NIST 800-53. This research involves the Head of Department and employees of Disdukcapil XYZ City that are related to the strategic and operational aspects of SIAK. The results of this study are the identification of 23 possible risks that are spread over 5 processes of personal data protection that classified into the medium-high risk level, and proposed risk control consisting of 19 preventive controls, 6 detective controls, and 2 corrective control.

scholarly journals Personal Data Protection in Indonesia: Legal Perspective

2020 ◽  
Vol 7 (7) ◽  
pp. 183
Author(s):  
Andriyanto Adhi Nugroho ◽  
Atik Winanti ◽  
Surahmad Surahmad
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Third Party ◽  
Data Breaches ◽  
Personal Data Protection ◽  
Private Data ◽  
Legal Perspective ◽  
Consumer Data ◽  
Financial Technology

The arrangement of personal data protection in national law is stipulated explicitly in the regulation of the Minister of the Ministry of communication and  Informasi  No. 20 of 2016 on the protection of personal data. In Indonesia, there are no rules that accommodate the protection of personal data on financial technology. That can be hazardous when the economic response of technology is not limited to its use. The case of personal data is not contained in the case of a Such hazard that may arise. The case from the theft of personal data, damage to the system that may allow the occurrence of data breaches, misuse of personal data that has been the business ruled itself, or other parties who may access personal consumer data (such as government). The need to set this up is important because private data is a person's privacy right. Still, it can fundamentally be economically valuable for a third party who is about to take advantage of it.

scholarly journals PERSONAL DATA PROTECTION LAW USED IN MOBILE PHONE SIM CARD REGISTRATION IN INDONESIA

Notaire ◽  
2019 ◽  
Vol 1 (2) ◽  
pp. 267
Author(s):  
Mahendri Putri Sholichah ◽  
Dewi Rumaisa
Keyword(s):  
Data Collection ◽  
Mobile Phone ◽  
Data Protection ◽  
Data Transfer ◽  
Personal Information ◽  
Personal Data ◽  
Sensitive Data ◽  
Personal Data Protection ◽  
Sim Card ◽  
Data Protection Law

The growths of technology make the privacy of personal information become an important issue in most countries, including Indonesia. Utilization of personal data is common things in most of our activity within the cyberspace and in this case, even the advancement of technology cannot neglect the privacy of personal information. The abusing of the data record, especially the data that belongs to the personal data category, the information that exists within this data could go to the public when it is leaked. One of the cases related to the personal data abuse is registration of thirty mobile phone SIM cards using one person’s personal information without the consent of personal information owner. This paper explains about personal data cases related to the mobile phone SIM card registration, and from this case, some issues about the abusing of personal data will be taken as an example to give consideration for legislating personal data protection. Moreover, this paper also explores the purpose of personal data collection, sensitive data collection, limitation of data collection, storage of collected personal data, transfer of collected personal data, and deletion of collected personal data. This paper convinces the urgency drafting of personal data protection law for country likes Indonesia. Therefore it is hoped that this paper will become one of many considerations for the Indonesian government to include personal data protection law into their national legislation program and legislate the personal data protection law in recent times.

scholarly journals Current issues over electronic commerce in Brazil: vertical integration between platforms and payment systems, personal data protection and international regulatory cooperation

2018 ◽  
Vol 4 (2) ◽  
pp. 61-76
Author(s):  
Alexandre Veronese ◽  
Marcelo Cunha
Keyword(s):  
Electronic Commerce ◽  
Vertical Integration ◽  
Data Protection ◽  
Personal Information ◽  
Personal Data ◽  
Payment Systems ◽  
Trade Relations ◽  
Personal Data Protection ◽  
Legal Provisions ◽  
Regulatory Cooperation

This article focuses on the trending issues about vertical integration between payment systems and the electronic commerce platforms from a Brazilian perspective. It describes the increasing international electronic commerce and it indicates three kinds of potential risks to consumers: direct, indirect and social. It shows that vertical integration can bring some benefits, which are very difficult to measure due to the related risks. The article creates a model of the remote commerce based on an evolution of a typology of typical trade relations to shed some light over the current automatization. Afterwards, the article states that the leakage of personal information coupled with vertical integration is a major threat to electronic businesses. It describes two international cases of mass data leakage to demonstrate the difficulties faced by the national systems in regulating transnational electronic commerce and data protection. Then, the article performs an assessment of the Brazilian legal system to conclude that there is a grave lack of integration of the electronic commerce regulations and that there is an absence of international cooperation provisions designed for electronic commerce. It concludes that Brazilian law may benefit from international experiences of personal data protection, and that the new legal provisions must take in account the risks associated with internationalization and vertical integration.

scholarly journals Personal Data Protection and Access to Archives in Ukraine: From the National and International Perspective

Atlanti ◽  
2018 ◽  
Vol 28 (2) ◽  
pp. 61-70
Author(s):  
Maryna Paliienko
Keyword(s):  
Data Protection ◽  
Personal Information ◽  
Public Information ◽  
Personal Data ◽  
International Perspective ◽  
Economic Life ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
The Right

The article is devoted to the analysis of the General Data Protection Regulation, which came into force on May 25, 2018, on the territory of the member states of the European Union, in comparison with the legislation on personal data that operates in Ukraine. The following basic concepts such as “personal data”, “personal data bases”, “information protection”, “the right to access to information”, “the right to erasure” are considered. Special attention is paid to the activities of archives in collecting, processing, storing and providing access to documents that contain personal information. It is analyzed the Laws of Ukraine “On Information”, “On Protection of Personal Data”, “On Access to Public Information”, “On the National Archival Fond and Archival Institutions”. It has been pointed out that the GDPR has very important value for European socio-political and economic life, for working out data protection standards and a new international privacy protection framework.

scholarly journals Personality information culture: essence and content

2021 ◽  
pp. 159-166
Author(s):  
N. UKHANOVA
Keyword(s):  
Data Protection ◽  
Personal Information ◽  
Personal Data ◽  
Legal Regulation ◽  
The State ◽  
Learning System ◽  
Information Culture ◽  
External Interference ◽  
Personal Data Protection ◽  
Stage Of Development

The article deals with the study of the essence and features of the information culture of an individual and clarification of its role in the field of legal regulation of public relations in the state. The methodology of research of the phenomenon of personal information culture is based on provisions of the general scientific dialectical method of scientific knowledge. Besides, formal legal and formal logical methods were applied for full and thorough coverage of the topic of this article. It is substantiated that the development of such a culture in the modern period is mainly influenced by internal factors (including observance of the principle of legality, the rule of law, and protection of human rights), and external threats to human and civil security within the state. It is proved that information culture in the narrow sense can be interpreted as the best ways to exchange data, information and present them to interested ©  Уханова Н.С., 2021 consumers to solve theoretical and practical problems, as well as mechanisms to improve the learning system, prepare people for effective use of information. The main elements of information culture include the following: a) communicative (communication culture); b) lexical (culture of preparing and issuing business documentation, language culture); c) intellectual (culture of research and mental activity); d) information and legal; worldview and moral. All these elements of the personal information culture are interconnected and interdependent. It is concluded that the topic of personal data protection, which has reached a new level, has become especially relevant at the present stage of development of the information society. It is argued that a promising mechanism for personal data protection in the information sphere will be the use of Blockchain technologies, which will ensure reliable synchronization and security of data, prevent them from changing as a result of external interference. It is proposed to interpret the information culture of an individual as a reflection of a set of material and intellectual values of man, which allow to effectively apply various methods of working with information, including being a participant in information relations. A promising study in the field of information culture of an individual will be the development of the structure of this category and its relationship with other legal categories of information law. A particularly important issue that will require legal regulation will be the field and technology of using artificial intelligence as a phenomenon that will not only help to make a quantum leap in medicine, science, education, but also carries great security risks.

Sign in / Sign up

Export Citation Format

Share Document