A LEGAL ANALYSIS OF MALAYSIA’S PRIVACY LAW: TOWARDS A MORE RESILIENT LEGAL FRAMEWORK IN THE DIGITAL ERA

Authors

DOI:

https://doi.org/10.35631/IJLGC.1143004

Keywords:

Data Protection, Digital Transformation, Legal Reform, Privacy Law

Abstract

As digital technologies continue to transform industries and daily life, the protection of personal data has become a central issue in legal and policy discourse. In Malaysia, the Personal Data Protection Act 2010 (PDPA) represents a landmark statute governing data privacy in commercial contexts. However, the rapid development of technologies such as artificial intelligence, big data analytics, and cloud computing has raised concerns about the adequacy of the existing legal framework. This paper provides a legal analysis of Malaysia’s privacy law, examining the effectiveness of the PDPA in addressing emerging data protection challenges in the digital era. It evaluates the PDPA’s scope, enforcement mechanisms, and alignment with global standards while identifying significant gaps, particularly the exclusion of public sector data processing and limited data subject rights. Through critical examination, the study proposes key reforms aimed at strengthening Malaysia’s legal framework to ensure a more comprehensive and resilient approach to privacy protection in an increasingly digitalized environment.

 

Downloads

Download data is not yet available.

References

Abu Bakar, A. (2023). Comparative analysis of Malaysia’s data protection framework with global standards. Journal of Law and Digital Governance, 5(2), 115–133.

Adnan Trakic, R., Karim, R., & Tajuddin, H. H. A. (2023). Data protection in Malaysia: Challenges in the digital era. Asian Journal of Law and Society, 10(1), 55–74.

Angraini, Alias, R. A., & Okfalisa. (2020). Information security compliance in Malaysian higher education institutions. Journal of Theoretical and Applied Information Technology, 98(14), 2871–2882.

Bygrave, L. A. (2021). Data protection law: Approaching its rationale, logic and limits (2nd ed.). Oxford University Press.

Dato’ Seri Anwar bin Ibrahim v Public Prosecutor, [2010] 3 CLJ 845 (Federal Court, Malaysia).

Genting Malaysia Bhd v Pesuruhjaya Perlindungan Data Peribadi & Ors, [2022] 11 MLJ 898 (High Court, Malaysia).

Hamid, N., Mahmud, M., & Rahman, S. (2022). Privacy and surveillance in Malaysia’s post-pandemic digital landscape. Malaysian Journal of Policy Studies, 9(1), 21–40.

Kyobe, M. (2010). A knowledge management approach to e-Government: Challenges and lessons from Malaysia. Government Information Quarterly, 27(2), 164–173.

Kopitiam Asia Pacific Sdn Bhd v Modern Outlook Sdn Bhd & Ors, [2019] 10 MLJ 243 (High Court, Malaysia).

Leng, O. T. S., Vergara, R. G., & Khan, S. (2021). Personal data protection and privacy law in Malaysia. Sweet & Maxwell.

Lim, J. (2022). Digital economy and privacy law: A Malaysian perspective. Asian Business Law Journal, 8(3), 65–78

Lee Ewe Poh v Dr Lim Teik Man & Anor, [2011] 1 LNS 1042 (High Court, Malaysia).

Malaysia. (2010). Personal Data Protection Act 2010 (Act 709). Malaysia: The Commissioner of Law Revision.

Malaysia. (1997). Multimedia Super Corridor (MSC) Bill of Guarantees. Government of Malaysia.

Malaysia. (1936, revised 1997). Penal Code (Act 574).

Malaysia. (1957, as amended). Federal Constitution. Malaysia: The Commissioner of Law Revision.

Malaysia. (1998). Communications and Multimedia Act 1998 (Act 588). Malaysia: The Commissioner of Law Revision.

Maslinda Ishak v Mohd Tahir Osman & Ors, [2009] 6 MLJ 826 (High Court, Malaysia).

M Mohandas Gandhi v Ambank Berhad [2014] 1 LNS 1025 (High Court, Malaysia).

Mhlambi, S. (2020). From rationality to relationality: Ubuntu as an ethical framework for AI governance. Carr Center Discussion Paper Series, Harvard Kennedy School.

Mittelstadt, B. D., Allo, P., Taddeo, M., Wachter, S., & Floridi, L. (2016). The ethics of algorithms: Mapping the debate. Big Data & Society, 3(2), 1–21.

Mustaffa, N. (2021). Corporate governance and self-regulation in Malaysia’s data privacy landscape. Journal of Corporate Law Studies, 21(3), 457–475.

Norazah, M. S. (2021). Digital transformation and privacy in Malaysia: Lessons from the COVID-19 pandemic. International Journal of Law and Information Technology, 29(4), 357–375

Public Bank Berhad v Tan Teck Seng Jason & Anor, [2021] MLJU 92 (High Court, Malaysia).

Pua Kiam Wee v Ketua Pengarah Imigresen Malaysia & Ors, [2018] MLJU 1774 (High Court, Malaysia).

Rahman, F. (2021). Emerging challenges in personal data protection law in Malaysia. Asian Journal of Comparative Law, 16(2), 243–264.

Solove, D. J. (2021). Understanding privacy (Updated ed.). Harvard University Press.

Tan, P., & Lee, M. (2022). The adequacy of Malaysian data protection law in the context of cross-border data flows. International Data Privacy Law, 12(3), 189–204.

Tene, O., & Polonetsky, J. (2023). Privacy in the age of big data: The new frontiers. Stanford Law Review, 75(1), 55–112.

Trakic, A. (2017). Personal data protection in Malaysia: Balancing innovation and privacy. Malayan Law Journal, 6, lxxix–xci.

Ultra Dimension Sdn Bhd v Kook Wei Yee, [2004] 2 MLJ 624 (Court of Appeal, Malaysia).

Wright, D., & Raab, C. (2022). Privacy impact assessment. Springer.

Zarsky, T. Z. (2017). Incompatible: The GDPR in the age of big data. Seton Hall Law Review, 47, 995–1020

Zuboff, S. (2019). The age of surveillance capitalism. Public Affairs.

Downloads

Published

02-03-2026

How to Cite

Ismail, S., Ismail, Z. H., Hasanudin, S. F., & Ghazali, S. F. (2026). A LEGAL ANALYSIS OF MALAYSIA’S PRIVACY LAW: TOWARDS A MORE RESILIENT LEGAL FRAMEWORK IN THE DIGITAL ERA . INTERNATIONAL JOURNAL OF LAW, GOVERNMENT AND COMMUNICATION (IJLGC), 11(43), 41–51. https://doi.org/10.35631/IJLGC.1143004

Issue

Vol. 11 No. 43 (2026): Volume: 11 Issues: 43 [March, 2026]

Section

Articles