Home | Databases | WorldLII | Search | Feedback Privacy Law and Policy Reporter

Privacy Law & Policy Reporter --- "Private parts" [2001] PrivLawPRpr 19; (2001) 7(10) Privacy Law and Policy Reporter 208

Private parts

Malaysia issues Data Protection Bill for public consultation

The Malaysian Ministry of Energy, Communications and Multimedia is in the process of drafting new legislation on personal data protection.

According to the Ministry’s website at <www.ktkm.gov.my/comm/pdp.html>, the aim of the proposed legislation is:

• to regulate the collection, possession, processing and use of personal data by any person/organisation so as to provide protection to an individual’s personal data and safeguard the privacy of an individual; and
• to establish a set of common rules and guidelines on handling and treatment of personal data by any person or organisation.

The Personal Data Protection Bill is intended to be world leading ‘cyberlaw’ which provides a high level of personal data protection. The objectives of this law are:

• to provide adequate security and privacy in handling personal inform-ation;
• to create confidence among consumers and users of both networked and non-networked industries;
• to accelerate uptake of e-transactions; and
• to promote a secure electronic environment in line with MSC objectives.

The rationale of the proposed law is to promote Malaysia as:

• a communications and multimedia hub where the national adoption of e-based transactions is expected to be high;
• a premier investment centre for the communications and multimedia industry;
• a premier test-bed for applications of information and communications technologies; and
• a preferred trading partner in the communications and multimedia industry which provides international standards of personal data protection.

The Government has agreed to allow the draft Bill to be exhibited in the Ministry’s website for public access, scrutiny, comment and feedback. Public comment and feedback is invited and may be communicated to the Ministry through the Ministry Online Forum or to the following address:

Secretary-General

Ministry of Energy,

Communications and Multimedia

Ground Floor,

Wisma Damansara

Jalan Semantan 50668

Kuala Lumpur.

Tel. No: 603-2575000

Fax No: 603-2575001.

Asian personal data privacy forum

A one day forum for officials from Asian countries was held in Hong Kong on 27 March 2001. The forum, hosted by the Hong Kong Privacy Commissioner for Personal Data, attracted repres-entation from Hong Kong SAR, Indonesia, Japan, Macau SAR, Malaysia, Singapore and Thailand. In addition to the host office and government officials from those countries, participants included a professor of the Department of Information Management, National Central University, Taipei and an observer from New Zealand.

A substantial part of the meeting was devoted to presenting status reports on information privacy issues and law in the various jurisdictions. Presentations by experts from Hong Kong, New Zealand and the US discussed the work of the US Federal Trade Commission, the EU Data Protection Directive, human resource management and cross-border data matching.

Participants found the meeting valuable and saw merit in repeating the exercise, particularly given several current initiatives for data protection law at national level and EU activity in assessing the adequacy of data protection laws of countries in Asia. Participants expressed interest in exploring regional issues such as co-operation in relation to cross-jurisdictional privacy seal programs.

Source: Blair Stewart, New Zealand.

New Zealand encryption policy review

The NZ Law Commission advises in a December 2000 report that NZ encryption policy is to be reviewed later in 2001 and will involve public consultation. While no public discussion paper has yet been issued, submissions can nonetheless be made to the Chairman, National Cryptography Policy Committee, Domestic and External Security Secretariat, Department of Prime Minister and Cabinet, Executive Wing, Parliament Buildings, Wellington.

Source: Law Commission, Electronic Commerce Part Three: Remaining Issues, NZLC R68 <www.lawcom.govt.nz>.

Australia’s private sector privacy law not adequate, say European Union Commissioners

The ‘Article 29 Working Party’ of EU Privacy Commissioners consider that Australia’s private sector privacy law is not ‘adequate’ in terms of the EU Data Protection Directive. Their Opinion, issued in March, can be found at <europa.eu.int/comm/internal_market/en/media/dataprot/wpdocs/wp40en.htm>.

The Opinion identifies a number of deficiencies in the Australian law which would prevent in meeting the criteria for a finding of adequacy.

The Federal Attorney-General’s reaction to the report can be found at <law.gov.au/aghome/agnews/2001newsag/941_01.htm>.

The scale of ‘spam’, and implementation of the EU Directive

The European Commission has just released a study which estimates that ‘junk’ emails or ‘spam’ costs internet users 10 billion euro a year worldwide.

The study, which provides detailed information on the phenomenon in both the US and the European Union, forms part of the Commission’s ongoing efforts to ensure that the development of the internet and e-commerce does not undermine Europe’s rules on internet privacy and data protection.

The study also compares the different approaches adopted by EU Member States in implementing the EU Directives on data protection into national law. The study will help the Commission’s work with Member States’ data protection experts on assessing the implementation of EU data protection Directives. The findings will also be taken into account by the Commission when proposing updates to EU data protection legislation.

Further detail is available at <europa.eu.int/comm/internal_market/en/media/dataprot/studies/spam.htm>.

Unfortunately the full text of the report appears to be only available in French at present.

Source: EU delegation, Canberra.

Health privacy in Victoria

The Victorian Health Records Bill was passed on 3 April. It will come into effect from 1 July next year, with no phase-in period. It covers the handling of health information by the public and private sectors.

‘Health information’ means all personal information held by health service providers, plus information held by any organisation about a person’s health or disability at any time, information about the donation of body parts, organs or substances, and genetic information.

The legislation is a hybrid of the ACT Health Records (Access & Privacy) Act 1997 and the National Privacy Principles.

The text of the Bill is at <www.dms.dpc.vic.gov.au/>.

Source: Lindy Smith.

Commencement of private sector privacy law: correction

Contrary to assumptions made by many commentators, including Private Parts in 7(8) PLPR 168, the Privacy Amend- ment (Private Sector) Act 2000 (Cth) will commence on 21 December 2001, not 22 December.

Source: Attorney-General’s Department.