A Brief Research on Personal Data Protection Act 2010 (PDPA) and Data

Protection Act 1998 (DPA)

The Personal Data Protection Act 2010 (the PDPA) was passed in June 2010. One of its
dominant influences is the UK Data Protection Act 1998 (the DPA).

The Differences between PDPA and DPA

PDPA DPA
Scope Narrow. Wide.

Only applies if disputed matters is on DPA has not separated personal

commercial transaction.
Preamble:
An Act to regulate the processing of
personal data in commercial
transactions and to provide for
matters connected therewith and
incidental thereto.
To whom this PDPA does not apply to:
Act applies?
s.2(1)- non-commercial transactions
s.3(1)- Federal and State
governments
s.3(2)- Personal data processed
outside Malaysia unless that personal
data is intended to be further
processed in Malaysia
data categories into commercial
or non-commercial categories.
All personal data is treated
equally and subject to the same
requirements of the Act.
Preamble:
An Act to make new provision
for the regulation of the
processing of information
relating to individuals, including
the obtaining, holding, use or
disclosure of such information.
DPA applies to government:
s.1(1)- data includes “accessible
record” as defined in s.68.
s.68(1)(c)- “accessible record”
means an accessible public
record as defined by Schedule
12.
Schedule 12- accessible public
record involves: -
(a) Housing Act Local Authority
(b) Local social services
authority

Own interpretation:

Unlike in Malaysia, DPA applies to public sector as in UK. This is

because as far as data and personal information are concerned,
government is the biggest collectors and holders of such data. Thus, the
law must bind them in order to prevent abuse and mishandling of
personal data and protect information privacy.
 However, according to Datuk Seri Dr Rais Yatim, the reason why PDPA
binds only the private sector is because safeguards already exist which
take care of government channels, such as the Official Secrets Act 1972.1

Enforcement s.47- Minister appoints Personal Data s.6 + Schedule 5-

Protection Commissioner to carry out The Commissioner is:
functions and powers under this Act. i) an independent
s.59- Commissioner is responsible to official whose legal
the Minister and the Minister is “in personality is a
control” of the Commissioners in corporation sole
exercising of their functions and ii) answerable directly to
powers. Parliament and not to
a Minister
As such, it lacks of functional iii) exercises legal
independence on the Part of powers vested
Commissioner unlike the position in directly in him and
UK. not delegated by a
Minister

1
http://researcharchive.vuw.ac.nz/xmlui/bitstream/handle/10063/3393/thesis.pdf?sequence=2