Malaysia: Implemented Personal Data Protection Code of Practice for Licensees under the Communications And Multimedia Act 1998

On 23 November 2017, Malaysia's Data Protection Authority announced the enforcement of the Data Protection Regulation, specifically addressing licensees under the Communications and Multimedia Act 1998. The regulation encompasses Network Facilities Providers, Network Services Providers, Applications Service Providers, and Content Applications Service Providers, aiming to ensure personal data protection within these sectors. The regulation outlines the application of personal data protection principles, detailing the obligations of data users towards individuals, third-party service providers, and employees, including the necessity for employee training on data handling. Licensees have been granted a six-month grace period from the effective date to comply with the stipulated requirements.