The document outlines data protection principles that govern the use of personal information by organizations, requiring fair and lawful handling, secure storage, and limited purposes. It explains the significance of privacy in allowing individuals to control their information and highlights obligations for data collection, storage, and transmission. Additionally, it discusses relevant legislation like the Personal Data Protection Act 2009 and the Computer Crimes Act 1997, as well as the role of Cyber Security Malaysia in regulating communications and multimedia industries.

1. PROTECTION,
PRIVACY AND
CRIMES IN ICT
C H A P T E R 5

2. Data Protection
 Data Protection controls how your personal
information is used by organizations, businesses
or the government.
 Everyone responsible for using data has to follow
strict rules called ‘data protection principles’. They
must make sure the information is:
 used fairly and lawfully
 used for limited, specifically stated
purposes
 handled according to people’s data
protection rights
 kept safe and secure

3. Data Protection
There is stronger legal protection for more
sensitive information, such as:
 ethnic background
 political opinions
 religious beliefs
 health
 criminal records

4. Privacy
 The state or condition of being free from being
observed or disturbed by other people.
 The claim of individuals, groups and
institutions to determine for themselves,
when, how and to what extent information
about them is communicated to others

5. Privacy
 The state or condition of being free from being
observed or disturbed by other people.
 The claim of individuals, groups and
institutions to determine for themselves,
when, how and to what extent information
about them is communicated to others

6. Purpose of Data Protection and
Privacy
1. Collection Data
2. Storing Data
3. Transmitting Data

7. Purpose of Data Protection and
Privacy
1. Collection Data
be clear from the outset about why you
are collecting personal data and what
you intend to do with it;
ensure that if you wish to use or
disclose the personal data for any
purpose that is additional to or different
from the originally specified purpose

8. Purpose of Data Protection and
Privacy
1.Storing Data
 Never reveal personal data to third parties
without the consent of the individual
concerned or other reasonable justification.
 It should be specified that identification data
will be encrypted and strictly separated from
sensitive data
 A non-WAN connected computer server or
HARD disk should be preferred.

9. Purpose of Data Protection and
Privacy
1. Transmitting Data
 Each data controller must make its own judgments, based upon its own
particular circumstances, about the most suitable security measures to
implement.
 The transmission of personal data within an internal network, such as a
corporate 'intranet', should at minimum be subject to clear access
controls.
 Transmission over external networks, such as the internet, should
normally be subject to robust encryption.
 This requirement will be of particular relevance to e-commerce
businesses which record customer details on-line, e.g. via on-line booking
forms.
 Similarly, telecommunications service providers, which transmit personal
data over their networks, must take whatever technical measures are
necessary to keep such data secure from unauthorized interception

10. Personal Data Protection Act
2009
The proposed law seeks to regulate the
processing of personal data of
individuals involved in commercial
transactions.
his area of law specifically relates to
the dissemination and storage of
personal data of people and is related
to the law of privacy.

11. Communication and
Multimedia Act 1998
An Act to provide for and to regulate
the converging communications and
multimedia industries, and for
incidental matters.

12. Types Of Computer Crimes
hen any crime is committed over the Internet it
is referred to as a cyber crime. There are
many types of cyber crimes and the most
common ones are explained below:
Hacking
Theft
Cyber Stalking
Identity Theft
Malicious Software

13. Computer Crimes Act 1997
Created several offences relating to the
misuse of computers.
Among others, it deals with unauthorized
access to computer material, unauthorized
access with intent to commit other offences
and unauthorized modification of computer
contents.
It also makes provisions to facilitate
investigations for the enforcement of the Act.

14. Cyber Security Malaysia
Advise the Minister on all matters concerning
the national policy objectives for
communications and
multimedia activities;
Implement and enforce the provisions of the
communications and multimedia law;
Regulate all matters relating to
communications and multimedia activities not
provided for in the
communications and multimedia law;

15. Cyber Security Malaysia
Consider and recommend reforms to the
communications and multimedia law;
Supervise and monitor communications and
multimedia activities;
Encourage and promote the development of
the communications and multimedia industry;
Encourage and promote self-regulation in the
communications and multimedia industry;

16. Cyber Security Malaysia
 Promote and maintain the integrity of all persons
licenced or otherwise authorised under the
communications and multimedia industry;
 Render assistance in any form to, and to promote
coorperation and coordination amongst, persons
engaged in communications and multimedia activities.
 Carry out any function under any written law as may
be prescribed by the Minister by notification published
in the Gazette