
Data Privacy and Protection: Why It Matters More Than Ever

 In today’s hyper-connected world, every login, online purchase, and “I agree” click creates a digital trail. Because our personal data is so valuable, it has also become increasingly vulnerable. When that information falls into the wrong hands, the consequences escalate quickly—scams, hacked accounts, financial losses, and long-term damage to one’s reputation. With cyber threats evolving at a rapid pace, safeguarding personal data is no longer just a technical requirement. It is a shared responsibility involving organisations, regulators, and individuals. 

Worldwide, data protection laws continue to strengthen. Two major frameworks shaping this landscape are Malaysia’s Personal Data Protection Act (PDPA), recently updated through the Personal Data Protection (Amendment) Act 2024, and the European Union’s General Data Protection Regulation (GDPR). Understanding these regulations is crucial for both businesses and consumers navigating the digital age.

Malaysia’s PDPA Amendments 2024/2025: Strengthening Local Protections 

Malaysia’s PDPA has been updated to enhance consumer protections and align with global standards. Key improvements, rolled out through 2025, include: 

  1. Direct obligations for data processors to implement technical and organisational safeguards.
  2. Revised cross-border transfer rules requiring mandatory safeguards approved by the Personal Data Protection Department (PDPD).
  3. Expanded definition of sensitive personal data to include biometric traits.
  4. Higher penalties of up to RM1 million and possible imprisonment.
  5. Mandatory Data Protection Officer appointments (effective 1 June 2025).
  6. Compulsory breach notifications to the Commissioner and affected individuals.
  7. New data portability rights for consumers.

These updates reinforce Malaysia’s seven PDPA principles: General, Notice & Choice, Disclosure, Security, Retention, Data Integrity, and Access. 

GDPR: A Global Gold Standard 

The GDPR is widely regarded as one of the strongest data privacy laws in the world. Although designed for the European Union, it applies globally, including to Malaysian organisations that offer goods or services to EU residents or monitor their online behaviour.

GDPR defines personal data broadly: names, financial information, online identifiers, employee data, and sensitive data such as health or biometrics. It also provides individuals with powerful rights: access, correction, deletion, restriction, objection, and data portability.

Organisations subject to GDPR must meet strict requirements, including transparency, lawful processing, data minimisation, and strong security controls. They may need to appoint a Data Protection Officer (DPO), conduct impact assessments, and report data breaches within 72 hours. Cross-border transfers are allowed only when adequate protection measures are in place. 

Everyone Plays a Part: Staying Safe Online 

Even with stronger laws, many cyber incidents begin with simple mistakes: oversharing information, clicking unsafe links, or using unsecured devices. Individuals can reduce risks by:

  • Sharing only necessary information online
  • Using trusted platforms for payments
  • Enabling device lock screens and Multi-Factor Authentication (MFA) for an extra layer of protection
  • Tightening social media privacy settings
  • Avoiding all SMS links, as telcos now block legitimate ones
  • Reporting suspicious messages

Protecting Data, Together 

As digital ecosystems grow, so does the need for strong data protection. The GDPR sets a global benchmark, while Malaysia’s enhanced PDPA demonstrates a commitment to responsible data governance. For businesses, compliance builds trust; for individuals, safe online habits can prevent serious harm. Data privacy is a shared responsibility, and a key pillar of a secure digital future. 

Need Help or Suspect a Scam? 


If you believe you’ve been targeted by a scam, notice unusual activity involving your personal information, or feel something isn’t right, please reach out through the channels below:
• Etiqa Oneline: 1-300-13-8888
• National Scam Response Centre Hotline: 997 (8am–8pm daily)
