Telcos assure anonymity, security for customers with data-sharing initiative

The Star

2 days ago

PETALING JAYA: Reaffirming their commitment to protecting customer privacy, telcos say data shared with the Malaysian Communications and Multimedia Commission (MCMC) is strictly anonymised.
CelcomDigi clarified its involvement in the Mobile Phone Data (MPD) initiative by MCMC, em­pha­sising that it adheres to the highest standards of data protection.
The company's policies, it stated, are in line with the Commu­nications and Multimedia Act, the Personal Data Protection Act, and other relevant regulations.
'We continuously conduct comprehensive reviews of privacy and data protection compliance across the company to drive constant improvements, aligned with best practices, and to stay abreast of new and emerging legislation,' it said in a statement yesterday.
Anonymisation is a data processing technique that removes or modifies personally identifiable information, resulting in data that cannot be associated with any one individual.
CelcomDigi has pledged to continue working intently with MCMC to support the government's initiatives without compromising the integrity of customer data, adding that adequate processes and controls would remain in place.
'When required, CelcomDigi will process requested data within our own secure environments and provide a limited sample of relevant fields, comprising anonymised and aggregated output, to MCMC.
'At all times, we will operate under tight security protocols and in compliance with relevant data protection laws and regulations, with stringent limitations on any personal identifiable information,' it said.
Telekom Malaysia (TM) said the MPD submitted to MCMC was fully anonymised and did not contain personally identifiable information.
'The submission of this data is carried out under strict governance and security protocols, in full compliance with applicable company policies as well as national laws and regulatory requirements.
'TM remains fully committed to safeguarding the safety and privacy of customer data with responsibility and integrity,' it said.
In its response, UMobile said at no point will personally identifiable information be shared or processed when the MPD is shared.
'UMobile affirms that the privacy and protection of our customers' data is a top priority. We are aware of the objectives of the initiative and are committed to working with MCMC in a manner that upholds the highest standards of data governance,' it said.
It was reported that, according to industry sources, the government had instructed local telcos in April to hand over detailed call and Internet usage logs for the first quarter of the year under the MPD project.
The data requested reportedly included call logs and IP call records, as well as precise location information, including latitude and longitude.
The report stated that telcos which fail to comply will be considered to have infringed the Communications and Multimedia Act, which carries a RM20,000 fine or six months' jail.
MCMC has since explained that the move was to support evidence-based policymaking in two key sectors – Information and Communication Technology, and tourism.
It stated that the data will be anonymised before it is submitted and that no individual subscriber could be identified through the data collected.
YTL Communications Sdn Bhd confirmed that it has complied with MCMC's directive to submit mobile network usage records for the first quarter of 2025 in support of the government's recently approved mandate to use MPD for national statistics.
'In fulfilling this obligation, YTL Communications has taken rigorous steps to anonymise all data prior to submission.
'No personally identifiable information has been shared, and customer privacy remains our highest priority,' it said in a statement.