Legality and Compliance in the Digital Sphere (Theory)

Activity: Community Talks, Presentations, Exhibitions and EventsPublic lecture/debate/seminar


In Malaysia, collection, processing, storage, transfer and retention of individuals’ personal data are governed under the Personal Data Protection Act 2010 (the “Act”). In short, the Act regulates the processing of personal data in commercial transactions in Malaysia. In 2019, the Personal Data Protection Commissioner Malaysia (“PDPCM”) undertook the Act’s compliance inspections on business and commercial entities operating in Malaysia. The PDPCM’s enforcement approach in 2019 had focused on the sectors of services, education, tourism and hospitalities, in particular the services sector, where the number of inspection visits conducted by PDPCM was approximately twenty (20) % of the total conducted inspections. Hence, it is essential for the businesses operating digitally in the services sector to comply with the data protection standards and principles.

Handling contact data (personal data) for any reason within a company is classed as data processing. For example, creating an email list is data processing. To comply with PDPA, data should be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing. Hence, it is important to know the requirements to comply with the Act for any business operating in the digital sphere. In this session, we will understand the legal regime of personal data protection, analyse the Personal Data Protection Principles, and comprehend the steps to ensure compliance with the Minimum Standards.


Understand the legal regime of personal data protection.
Analyse the personal data protection principles.
Evaluate Personal Data Protection Principles for direct marketing.
Comprehend the steps to ensure compliance with the minimum standards.


General Overview of PDPA
Complying Measures of the Personal Data Protection Principles
Direct Marketing and Personal Data Protection in Malaysia
Minimum Standards Under the Security Principle, the Retention Principle, and the Data Integrity Principle
Ensuring Compliance with the Minimum Standards
Frequently Asked Questions (FAQ)
Q/A session

Period17 May 2022
Event typeSeminar
Degree of RecognitionLocal