Malaysia: Announced Amendment to the Personal Data Protection Act 2010 (Act 709) including cybersecurity regulation

Announced Amendment to the Personal Data Protection Act 2010 (Act 709) including cybersecurity regulation

On 4 July 2024, the Cabinet of Malaysia announced proposed amendments to the Personal Data Protection Act 2010 (Act 709). The Amendment Act would introduce direct obligations on data processors to adhere to security requirements with penalties for b…

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

cross-cutting

Implementation Level

national

Government Branch

executive

Government Body

central government

Complete timeline of this policy change

Hide details

2024-07-04

under deliberation

On 4 July 2024, the Cabinet of Malaysia announced proposed amendments to the Personal Data Protecti…

2024-07-10

under deliberation

On 10 July 2024, the Personal Data Protection (Amendment) Act 2024 was introduced into the House of…

2024-07-16

under deliberation

On 16 July 2024, the Personal Data Protection (Amendment) Act 2024 was passed by the Malaysian Hous…

2024-07-31

adopted

On 31 July 2024, the Personal Data Protection (Amendment) Act 2024 was adopted by the Malaysian Sen…

2024-10-09

adopted

On 9 October 2024, the Personal Data Protection (Amendment) Bill was signed into law. The Act intro…

2025-01-01

in force

On 1 January 2025, sections 7, 11, 13, and 14 of the Personal Data Protection (Amendment) Act 2024 …

2025-04-01

in force

On 1 April 2025, sections 2, 3, 4, 5, 8, 10, and 12 of the Personal Data Protection (Amendment) Act…

2025-06-01

in force

On 1 June 2025, sections 6 and 9 of the Personal Data Protection (Amendment) Act 2024 (Act A1727) e…

Description

Announced Amendment to the Personal Data Protection Act 2010 (Act 709) including cybersecurity regulation

Scope

Complete timeline of this policy change