Latest news with #PersonalDataProtectionAct
Bangkok Post
6 days ago
- Business
- Bangkok Post
Panel, agencies seek biometric guidelines
The Personal Data Protection Committee (PDPC) convened with related public and private agencies to seek ways to establish clearer guidelines to regulate the collection and use of biometric data, particularly iris scans, over concerns pertaining to the use of personal data. This follows widespread public participation in an iris scan activity carried out by Tools For Humanity Thailand in exchange for digital asset rewards as part of a campaign. Pol Col Suraphong Plengkham, secretary-general of the PDPC, said the eye scanning campaign raised concerns as to whether the data collected could be misused or whether or not the campaign complied with the law. The committee early this week invited key stakeholders from both the public and private sectors, including Tools For Humanity Thailand, to jointly establish regulatory guidelines on this matter. Participating agencies included the Electronic Transactions Development Agency (ETDA), the Securities and Exchange Commission, the Cyber Crime Investigation Bureau, the Department of Special Investigation and National Telecom. Representatives from the private sector included TIDC Worldverse Co Ltd, M Vision Plc, Bitkub Online Co Ltd, Com7 Plc and J.I.B. Computer Group Co Ltd. The use of biometric data from iris scans is classified as sensitive personal data under Section 26 of the Personal Data Protection Act. The meeting concluded that the PDPC will examine the company's process of requesting consent from the owners of the personal data regarding the iris scans to ensure transparency. The ETDA will verify whether the company's app is legally registered, while the SEC will investigate whether foreign apps are being used to generate income within Thailand's financial system. DATA 'NOT STORED IN APP' Pakapol Thangtongchin, country manager of Tools For Humanity Thailand, told the Bangkok Post that the company provided an update on its local operations during the meeting. He told the meeting that the company does not verify "identities" but rather provides "proof of humanity", meaning retina data is not stored in the company's app. The PDPC also requested additional documents from the company to conduct an in-depth technical review, Mr Pakapol added. The SEC wishes to ascertain whether the company's Worldcoin cryptocurrency has been traded legally. Mr Pakapol confirmed that the company trades the coins within five licensed cryptocurrency exchanges in Thailand. The ETDA is concerned about mini apps within the company's app ecosystem, particularly those related to financial services, which may not be authorised in Thailand. "We will closely monitor and address any regulatory concerns," Mr Pakapol added. He also noted that the rising value of cryptocurrencies and current economic challenges have led to an increasing amount of public interest in applying for the company's World app in order to receive free Worldcoin in exchange for having an eye scan. Currently, 10,000 people a week have been getting their eyes scanned via its Orb devices in public locations. However, he warned that some unauthorised individuals may engage in illegal activities, such as in-person meetups to exchange digital assets for cash outside the authorised exchanges. "We will educate our coin users on how to use the wallet properly and encourage them to trade only through authorised exchanges," he said. He said that before operating in Thailand, the company had already sought consultations with three regulators as to whether its service is legitimate or complies with the law.
New Straits Times
13-07-2025
- New Straits Times
PDPA breach: Student data misuse could lead to jail, hefty fine
KUALA LUMPUR: Many private higher education institutions have been found sending marketing materials without first obtaining permission from students or their parents, breaching personal data laws. Personal Data Protection Department (JPDP) principal assistant director Mohamad Azrul Azmisaid such actions violate the Personal Data Protection Act (PDPA) 2010, which requires clear consent before personal data can be used or processed. Disclosing personal information such as phone numbers without consent can result in a fine of up to RM1 million or a three-year jail term, Kosmo! reported. "This clearly violates the first principle of the PDPA, which requires consent from the data owner before any use or processing of their personal data. "For instance, if a private higher education institution sends promotional offers via WhatsApp without permission, that already breaches the core principle of the PDPA. "Such offences may implicate not just the institution, but also third parties that supplied the data," he said. Azrul said if student data was obtained through a third party such as a data broker company, both parties could face prosecution. "Legal action will be taken if individuals or organisations continue to harass recipients after being warned. "However, if the sender persists, individuals may lodge an official complaint with JPDP accompanied by supporting evidence such as screenshots," he said. He added that many parents and students who receive unsolicited offers to further their studies are unaware they can file a direct complaint with JPDP. "The complaints process begins with lodging a report directly with the sender. "If the harassment continues after a warning, the complaint can be escalated to JPDP, which will then issue a Section 43 Notice," he said. The public may submit complaints to JPDP through its website at if their personal data has been misused. Meanwhile, Universiti Teknologi Mara (UiTM) Shah Alam Faculty of Information Science associate professor Dr Muhamad Khairulnizam Zaini said several key factors often lead to data leaks. He said although every case requires specific investigation, breaches are commonly caused by two main factors: unauthorised access and weaknesses in system security. "Leaks can occur when someone without permission infiltrates a system and accesses confidential data, whether from inside or outside the organisation," he said. According to Kosmo!, many private higher education institutions have been using the personal data of SPM leavers to send unsolicited offers of admission, raising concerns over data privacy violations.
Daily Express
11-07-2025
- Business
- Daily Express
Legal concerns over Borneo.TV: Group
Published on: Friday, July 11, 2025 Published on: Fri, Jul 11, 2025 Text Size: Safva's legal advisor Yong Yit Jee said several potential legal concerns must be addressed for the platform to function transparently and lawfully. Kota Kinabalu: Sabah Film and Visual Association (Safva) has called for a constructive dialogue between the Sabah Maju Jaya (SMJ) Secretariat, IB Media Consultant Works Sdn Bhd and local creative stakeholders to ensure operates in a legally compliant and equitable manner. Safva said it supports the State government's effort to promote local talent through describing it as 'a commendable initiative to elevate Sabah's creative industry.' However, Safva's legal advisor Yong Yit Jee said several potential legal concerns must be addressed for the platform to function transparently and lawfully. He claimed there needs to be clarity on whether income generated from Sabah content on is contributing to the state's tax revenue, especially as the platform is owned by a peninsula-based company. 'Any income derived from local productions should contribute to Sabah's tax revenue as it directly pertains to the State's economic growth,' Yong said in a statement. He also raised concerns over the handling of intellectual property and royalties for local creators, stressing that 'transparency in the contractual agreements between the SMJ Secretariat and IB Media is vital'. 'It is crucial to ensure that Sabah's artists will receive appropriate royalties and that their intellectual property rights are protected,' he said. Safva urged the State to ensure that IB Media holds the proper broadcasting licences from regulators like the Malaysian Communications and Multimedia Commission (MCMC). 'Without the proper legal authorisations, the platform could be operating in violation of Malaysian laws,' Yong said, warning of potential legal liability for all parties involved. The association also questioned whether has adequate compliance with the Personal Data Protection Act (PDPA), as the platform may collect data from creators and viewers. 'Any breach of privacy regulations could result in severe legal consequences for the platform and its stakeholders,' Yong said. Safva further urged the government to ensure that the platform has clear terms of service and content guidelines to reduce liability linked to user-generated content. In addition, Yong said must uphold the principle of Free, Prior, and Informed Consent (FPIC) when featuring indigenous cultural content. 'Failure to consult with indigenous communities could lead to legal action if cultural elements are used without consent,' he said. Safva called for the public disclosure of the agreement between the SMJ Secretariat and IB Media, stating that 'transparency is essential to safeguard the interests of local creatives'. Yong said the association is ready to collaborate with the State Government and relevant parties to help build a platform that is both legally sound and beneficial to Sabah's creative ecosystem. * Follow us on our official WhatsApp channel and Telegram for breaking news alerts and key updates! * Do you have access to the Daily Express e-paper and online exclusive news? Check out subscription plans available. Stay up-to-date by following Daily Express's Telegram channel. Daily Express Malaysia
Straits Times
09-07-2025
- Business
- Straits Times
Users need to scrutinise what data is shared through MyInfo
Sign up now: Get ST's newsletters delivered to your inbox At least 1,000 digital services offered by government agencies and businesses are integrated with MyInfo. SINGAPORE - Like many banks and insurance firms, dating platform Coffee Meets Bagel (CMB) uses government records to verify its users. CMB users authenticate themselves through Singpass to retrieve from MyInfo their NRIC or FIN number, date of birth, marital status and gender. The information is needed by CMB for verification purposes. According to data provided in 2023, more than 300,000 transactions are performed daily using MyInfo, a service that allows users to fill in digital forms with their personal data drawn from government databases. At least 1,000 digital services offered by government agencies and businesses are integrated with MyInfo. ST has contacted GovTech for updated numbers. GovTech requires companies to submit a 'user journey' document to show how the government digital services will be used. Companies that want to integrate their online services with Singpass' login function will be assessed on a case-by-case basis, according to Singpass' website. Companies are also advised not to request for more personal data than needed from MyInfo to carry out their services. 'This is aligned with the guidelines of the Personal Data Protection Act (PDPA), which instructs the collection of personal data in an appropriate manner for the circumstances,' according to Singpass' website. 'Each request will be reviewed prior to approval.' Top stories Swipe. Select. Stay informed. Singapore Singapore to hire 1,000 new educators annually in the next few years, up from 700 Singapore COE prices rise for all categories Business Temasek reports $45 billion rise in net portfolio value to $434 billion Business Singapore finance employers pledge 300 places for trainees and interns from polytechnics Singapore $43k fine for undischarged bankrupt doctor who failed to disclose assets worth over $4m Singapore Female primary school teacher allegedly committed sex acts with underage male student Singapore Goodbye fraudsters? Dating app Coffee Meets Bagel rolls out identity verification Singapore Pritam's appeal against conviction, sentence over lying to Parliament set for Nov 4 GovTech declined to specify how it assesses requests from companies and what due diligence is conducted to prevent the over-collection of data. In Singapore, the PDPA governs the collection and use of personal data. Users who have concerns about the ways their personal data is handled can lodge their complaints on the Personal Data Protection Commission's website . Users are advised they still need to scrutinise the type of information that they share via MyInfo. 'It generally is a good practice for users to be more aware about what they are acceding to before they consent to their data being shared,' said Mr Josh Lee, managing director (Asia-Pacific) at the Future of Privacy Forum and senior research affiliate at the SMU Centre for Digital Law. Many people are unaware of the risks of giving away too much personal information, said Nanyang Technological University (NTU) associate professor Hannah Yee-Fen Lim. Sensitive data that falls into the wrong hands can lead to harms such as fraud and identity theft. 'If they know the capabilities of data processing technologies, and how easily and how much harm can result, they may take a less cavalier attitude when giving away their own personal data,' said Prof Lim, who teaches courses on law and technology at NTU.
The Sun
09-07-2025
- Business
- The Sun
Debtors have more options than to suffer in silence
PETALING JAYA: Many Malaysians trapped in debt often suffer in silence, a move that not only worsens their financial situation but also takes a toll on their mental health. 'This kind of action will backfire and only add pressure to the debtor's life, often leaving many unable to continue living a normal life,' said Association of Professional Debt Collection Agency Malaysia (APDCAM) president Za'ba Hasrin. Speaking to theSun recently, he said licensed debt collection agencies appointed by banks do more than just recover overdue loans as they also serve as financial counsellors. 'When someone steps forward and speaks with us, we can come up with solutions. We guide them to better understand the situation they're facing. If they're willing to open up, we're ready to help negotiate with banks.' He said many people are unaware of the options available to them, such as making withdrawals from their Employees Provident Fund to settle part of their housing loans. Za'ba said agencies also work with younger borrowers by recommending longer loan tenures to ease monthly repayment burdens. 'If someone is genuine, facing real financial hardship and is honest with us, we'll work out a plan.' He said debt counselling services do not incur any charges for the debtor, as all fees are paid by banks. On the issue of public stigma and concerns over scams, Za'ba said all licensed debt recovery efforts follow proper procedures and are fully transparent. 'Before any debt collection agency is appointed by a bank, debtors will receive an official notice letter at least seven days in advance informing them that their account is being handed over to a collector. 'They can always contact the bank directly, and are encouraged to request identification or authority credentials from the collector for verification.' He added that APDCAM encourages the public to file complaints if they encounter harassment or unprofessional behaviour. 'Anyone can lodge a report with us via our website at Za'ba acknowledged that the public's perception of debt collectors remains largely negative, often associating the profession with harassment or scams. 'We operate from call centres that comply with industry standards, and are subject to audits by the banks that assign us collection work. When we're engaged by banks, telcos or corporate clients, we are bound by the Personal Data Protection Act.' He said the call centres are tightly regulated to safeguard customer data. 'One of the strict protocols is that mobile phones are prohibited in the operations areas. Our computers also cannot access the internet or take screenshots, and USB ports are disabled.' He said banks only share relevant information related to the specific debt being collected, not broader personal details. 'We only speak to the debtor about the specific outstanding amount and how to resolve it, nothing beyond that.' To enhance the professionalism and reputation of the debt collection industry, Za'ba said APDCAM which was established in 2023, is rolling out a structured training and certification programme for collection agents. He said the initiative aims to introduce a standardised syllabus to ensure that all collectors are trained to handle debt recovery ethically and professionally.
