
Telcos assure anonymity, security for customers with data-sharing initiative
PETALING JAYA: Reaffirming their commitment to protecting customer privacy, telcos say data shared with the Malaysian Communications and Multimedia Commission (MCMC) is strictly anonymised.
CelcomDigi clarified its involvement in the Mobile Phone Data (MPD) initiative by MCMC, emphasising that it adheres to the highest standards of data protection.
The company's policies, it stated, are in line with the Communications and Multimedia Act, the Personal Data Protection Act, and other relevant regulations.
'We continuously conduct comprehensive reviews of privacy and data protection compliance across the company to drive constant improvements, aligned with best practices, and to stay abreast of new and emerging legislation,' it said in a statement yesterday.
Anonymisation is a data processing technique that removes or modifies personally identifiable information, resulting in data that cannot be associated with any one individual.
CelcomDigi has pledged to continue working intently with MCMC to support the government's initiatives without compromising the integrity of customer data, adding that adequate processes and controls would remain in place.
'When required, CelcomDigi will process requested data within our own secure environments and provide a limited sample of relevant fields, comprising anonymised and aggregated output, to MCMC.
'At all times, we will operate under tight security protocols and in compliance with relevant data protection laws and regulations, with stringent limitations on any personal identifiable information,' it said.
Telekom Malaysia (TM) said the MPD submitted to MCMC was fully anonymised and did not contain personally identifiable information.
'The submission of this data is carried out under strict governance and security protocols, in full compliance with applicable company policies as well as national laws and regulatory requirements.
'TM remains fully committed to safeguarding the safety and privacy of customer data with responsibility and integrity,' it said.
In its response, UMobile said at no point will personally identifiable information be shared or processed when the MPD is shared.
'UMobile affirms that the privacy and protection of our customers' data is a top priority. We are aware of the objectives of the initiative and are committed to working with MCMC in a manner that upholds the highest standards of data governance,' it said.
It was reported that, according to industry sources, the government had instructed local telcos in April to hand over detailed call and Internet usage logs for the first quarter of the year under the MPD project.
The data requested reportedly included call logs and IP call records, as well as precise location information, including latitude and longitude.
The report stated that telcos which fail to comply will be considered to have infringed the Communications and Multimedia Act, which carries a RM20,000 fine or six months' jail.
MCMC has since explained that the move was to support evidence-based policymaking in two key sectors – Information and Communication Technology, and tourism.
It stated that the data will be anonymised before it is submitted and that no individual subscriber could be identified through the data collected.
YTL Communications Sdn Bhd confirmed that it has complied with MCMC's directive to submit mobile network usage records for the first quarter of 2025 in support of the government's recently approved mandate to use MPD for national statistics.
'In fulfilling this obligation, YTL Communications has taken rigorous steps to anonymise all data prior to submission.
'No personally identifiable information has been shared, and customer privacy remains our highest priority,' it said in a statement.
Hashtags

Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles


The Sun
an hour ago
- The Sun
Digital Ministry urges public to trust data protection measures under Act 709
JOHOR BAHRU: Malaysians need not worry about data breaches as their personal information is protected under the Personal Data Protection Act 2010 (Act 709), said Deputy Minister of Digital, Datuk Wilson Ugak Kumbong. He emphasised that the government has taken necessary measures to safeguard personal data and urged the public to trust its commitment to data security. 'Parliament passed Act 709 to ensure users' data is protected. CyberSecurity Malaysia also monitors the system 24/7 to detect and fend off hacking attempts,' he said. 'We must have confidence in the national data security system. Without it, foreign investors may hesitate to invest in Malaysia. With laws like Act 709 in place, we should trust that our data is secure,' he added. He was speaking at the launch of AIRFEST 2025: Artificial Intelligence and Robotics Festival at Universiti Teknologi Malaysia in Skudai today. Recently, the South China Morning Post reported that the Malaysian Communications and Multimedia Commission (MCMC) had requested telcos to submit mobile call data from January to March. MCMC clarified that the data collected contained no personal identifiers or any information that could be used to identify individuals.


The Sun
an hour ago
- The Sun
Digital Ministry urges public to trust data protection measures
JOHOR BAHRU: Malaysians need not worry about data breaches as their personal information is protected under the Personal Data Protection Act 2010 (Act 709), said Deputy Minister of Digital, Datuk Wilson Ugak Kumbong. He emphasised that the government has taken necessary measures to safeguard personal data and urged the public to trust its commitment to data security. 'Parliament passed Act 709 to ensure users' data is protected. CyberSecurity Malaysia also monitors the system 24/7 to detect and fend off hacking attempts,' he said. 'We must have confidence in the national data security system. Without it, foreign investors may hesitate to invest in Malaysia. With laws like Act 709 in place, we should trust that our data is secure,' he added. He was speaking at the launch of AIRFEST 2025: Artificial Intelligence and Robotics Festival at Universiti Teknologi Malaysia in Skudai today. Recently, the South China Morning Post reported that the Malaysian Communications and Multimedia Commission (MCMC) had requested telcos to submit mobile call data from January to March. MCMC clarified that the data collected contained no personal identifiers or any information that could be used to identify individuals.


The Star
7 hours ago
- The Star
The stamp duty Pandora's box
STAMP duty is a topic that many think of only when purchasing a property, renting, bank financing and purchasing a company's shares. In actuality, the list of instruments chargeable with stamp duty spans well over 20 pages. The list is found in the first schedule of Stamp Act 1949 (as amended). The said list includes 'Agreements' in broad terms. On June 6, the Inland Revenue Board (LHDN) made an announcement that the government would remit stamp duty on employment contracts entered prior to Jan 1, and time is allowed until the end of the year for employment contracts entered during the year. This is good news in providing certainty to businesses while the technicalities are being worked out as to whether the various employment-related documentations are required to be stamped. Given that the ministerial exemption is limited to only employment contracts, businesses such conduct a risk or impact assessment in relation to all other agreements – including those entered into prior to Jan 1. The risk or impact assessment such include the following: > Intercompany agreements for services/financing within the same group of companies, > Agreements with third party customers/vendors for services or lease of equipment, > Tenancy agreements, and > Any other agreements. The list above is not exhaustive. It is important to recognise that not all agreements are subject to a nominal stamp duty of RM10. Some agreements attract an ad valorem duty, which means the duty is a percentage or is in proportion to the instrument/contract value. Risk assessment is important to create a self-awareness on the organisation's affairs and potential exposure, given that LHDN has been actively auditing businesses for stamp duty compliance since beginning of this year. One should not confine the risk assessment exercise to physical documents bearing the title 'Agreement'. Offer, acceptance and consideration are the key elements of a contract – in which case an 'Agreement' may be perceived for stamping purposes. Some may view that even a purchase order or quotation that is signed by both parties involved in a transaction constitutes an 'Agreement'. Likewise, there is also uncertainty about subscriptions or services signed over the Internet whereby there is no actual signature, but the customer simply checks the box to agree with the terms and conditions. It is no secret that the 75-year-old legislation has not kept up with time. Although there had been minor adaptations over the years, a holistic reform of this legislation is certainly overdue to reflect the evolution of business practices, digitalisation and perhaps policy goals. For a start, the policy makers clearly divide instruments which are in-scope for fiscal revenue purposes as compared to a mere token duty for the government to have a record of the transaction. The list of instruments included for the latter purpose should be revisited in light of the successful implementation of e-Invoicing and other existing mechanism. There are many aspects of uncertainty in the stamp act. This includes when stamping is mandatory, which instruments/agreements are in-scope for stamping and whether a given instrument/agreement is subject to nominal duty or ad valorem duty (being a percentage of contract value). This is evident with recent judicial decisions. It is hoped that the necessary legal adaptations would be made to simplify and foster certainty to make compliance easy for diligent taxpayers. Needless to say, guidelines and programmes to promote awareness among businesses on the scope of agreements for stamping are welcome. Further guidelines It is widely anticipated that the LHDN will issue further guidance on stamping of 'agreements' in the coming months, especially given that legislative changes had already been made to implement self-assessment for stamp study effective from Jan 1, 2026. In the meantime, businesses should be performing their own impact and risk assessment to identify any potential compliance gap and identify any grey areas in the Stamp Act 1949. Findings of this voluntary exercise would empower the management of the business with the much-needed information to make informed choices in navigating the situation. Inaction or a 'wait and see' approach would not be a wise choice given that LHDN has been actively auditing businesses on stamp duty compliance matters. Such audits cover the agreements entered in the years prior to 2025. For clarity, an impact or risk assessment is certainly not the act of doing a stock-take of everything that appears to be possibly an 'Agreement' and subjecting all of such agreements to stamping. Addressing key questions The process of performing the assessment must raise and address key questions as to whether each of the case involves an 'instrument' for which stamping is mandatory, and whether any of the existing exemptions is applicable. Where appropriate, businesses may also use the findings of the impact or risk assessment to proactively engage with the authorities. Large and medium businesses should form a project team to assess the impact and risks. Input from non-tax or non-financial functions are essential given that the organisations agreements may be 'scattered' across the organisation (for example, between legal department, sales department, corporate affairs and human resources). With only six months to go for the implementation of self-assessment for stamp duty (and widespread stamp duty audits being already undertaken now), businesses that value good governance and risk management practices should embark on the stamp duty impact and risk assessment project as soon as practicable. Thenesh Kannaa is an executive director of TRATAX Sdn Bhd, an independent tax consulting firm. The views expressed here are the writer's own.