‘ I can’t in good conscience allow the U.S. government to destroy privacy, internet freedom and basic liberties for people around the world with this massive surveillance machine they’re secretly building. ‘ — Edward Snowden, American author
Can sensitive and private information about us be shared, bought or sold freely by anyone or organisation?
Our Communications and Multimedia Act 1998 prohibits the transmission of offensive content (which is indecent, obscene, false or menacing) with the intent to annoy, abuse, threaten or harass any person. But, this is only in respect of offensive content. It does not seem to specifically cover the right to privacy.
In fact, to date, no law guarantees that our privacy should not be invaded. Even in our Federal Constitution, there is no direct or specific reference giving us a right to privacy.
The widespread use of technology and its rapid advancement has been good for us. However, it also leads to some areas of concern where privacy can be an issue. Nowadays, almost anyone can have access to any personal information of others.
The Internet has become an essential platform for many to store information on people.
This ranges from our details in government databases, such as medical records, to customer relationship databases in private organisations.
We have the Personal Data Protection Act 2010 (PDPA). However, this deals specifically with personal data rather than “privacy” matters.
The main aim of the PDPA is to safeguard the personal data of individuals that have been collected, stored and used (“data subject”).
The definition of ‘Personal Data’ covers details such as your name, address, contact details and national registration identity card.
It also includes ‘sensitive’ personal data such as a person’s physical or mental health condition, political opinions, and even religious beliefs.
So from here, it can be seen that PDPA focuses on regulating the processing of personal data in commercial transactions rather than on privacy matters.
Section 509 of the Penal Code makes it a criminal offence to “intrude upon the privacy” of a person, but this only strictly applies to actions that insult the modesty of a person.
Generally, privacy is defined as the right to be let alone or freedom from interference or intrusion.
Whereas information privacy is the right to have some control over how your personal information is collected and used.
Over the last few days, there has been a hue and cry about all our information stored in the MySejahtera app.
Initially, there were reports that the government had made a deal to sell MySejahtera to a private company.
There was a subsequent outcry about the nature of the sale.
Significantly, concerns were raised about the private details and health-related information about millions of Malaysians.
Many pointed out that the data in MySejahtera contains a large amount of private personal health data, including intimate details about people’s personal preferences, movement, consumption patterns, and personal social networks.
There is a high degree of concern that all this information would be used for marketing purposes, product development, and surveillance, including even for discrimination purposes.
In an era when ‘big data’ and ‘data mining’ is big business, an app such as MySejahtera with billions of check-in and details would be a huge goldmine for a private company with access to all that confidential information.
However, now Health Minister Khairy Jamaluddin has clarified the MySejahtera application used for COVID-19 contact tracing has not been sold to any private company.
He further stated that the private data on all Malaysians handled by the application is secure, and secrecy is guaranteed and has not been compromised.
Despite this assurance, many Malaysians remain sceptical. There have been various allegations of data leaks in the past.
I am sure many people have experienced scam calls and also messages.
There are also concerns about identity theft from these data leaks from time to time.
In 2020 there were 517 reports of identity thefts that can cause significant financial and legal distress.
We, too, tend to be quite liberal in giving out private information.
Our social media is one such platform where we tend to share a lot of information.
Some countries give their citizens specific rights to privacy via their constitution.
In Finland, their constitution guarantees their citizen’s private life and honours the sanctity of the home with inalienable rights.
This includes secrecy of correspondence, telephony, and other confidential communications are inviolable rights.
So while we do have elements of legal protection about our data and privacy, it is deemed insufficient to ensure comprehensive coverage.
It is now timely to lobby our legislators to pass our own Malaysian legislation that provides protection for all types of privacy. This also helps to protect our human rights and liberties.
