We would like to place strictly necessary cookies and performance cookies on your computer to improve our website service.
To find out more about how we use cookies and how you can change your cookies settings, please read our  cookies statement.                
Otherwise, we'll assume you are OK to continue.   Please close this message

New Malaysian Data Protection Law

15 November 2013

This article was written prior to the formation of Charles Russell Speechlys, through the merger between Charles Russell and Speechly Bircham.

The much anticipated Malaysian Personal Data Protection Act (PDPA) finally came in to force today. Businesses have a 3-month transitory period to roll out appropriate policies and procedures in order to achieve compliance with the PDPA. PDPA will introduce registration obligations and seven data privacy principles which are very similar to those under the EU framework.  Sanctions for non-compliance with PDPA will result in fines of up to 300,000 ringgit (EUR 75,000) and/or up to three years imprisonment.  Robert Bond is a member of the Malaysian Data Protection Advisory Board; we are therefore well placed to advise on the compliance process.