A new department is being established under the Information Communication and Culture Ministry to oversee the implementation of the Malaysian Personal Data Protection Act 2010, scheduled to be enforced early next year.
Deputy Minister Datuk Joseph Salang said the new department was targeted to be operational by next year or earlier.
"As you know, to establish the department, we need to do everything right and this will take time," he told a press conference after the launch of the Information Security Summit 2011, here, today.
He said there was an urgent need for the government to establish personal data protection laws as there were a total of 17 million Internet users in the country.
"More than 58 per cent household broadband penetration is also a factor for drawing up the Malaysian Personal Data Protection Act 2010.
"Prior to the implementation of this Act, personal data is only bound by contractual agreement or common law."
Salang said the implementation of the Act would significantly alter the way personal data is collected, processed, stored and transmitted between individuals and commercial organisations in Malaysia.
"The givers will be able to dictate how their data is being used by a third party, as well as have clearly defined rights to access and correct their personal data.
"I admit that our digital infrastructure is still in its infancy and years behind the more mature infrastructure of digital goliaths such as the United States.
"But our digital infrastructure has a sound foundation through the establishment of the Multimedia Super Corridor (MSC) and is reinforced by the commitment of the government to continually improve and upgrade our system through cooperation and smart partnership with the private sector," he added.
About 140 participants from the government and private sector, government-linked companies and embassies are attending the two-day Information Security Summit from today.
It addresses the key issues and challenges in information security faced by organisations across the industry, namely to integrate security into an effective IT risk management framework, build a security strategy to manage network security, data protection and leakage, and understanding the implications and guidelines to comply with the Privacy Data Protection Act 2010.