The recent news report of a potential data breach at the National Registration Department (JPN) raises concern regarding the security measures that are in place to protect the rakyat’s data. The report states that a database of four million Malaysian citizens containing data freshly obtained from JPN and hasil.gov.my (Inland Revenue Board) through the MyIdentity API has been put on sale through an online forum.
1. Data security must be of a high standard
The government must be held to at least the same standard as private companies, if not higher, when it comes to both data protection and security. This is especially true for data that is highly personal in nature. JPN, in charge of one of the most important databases of personal data in the country, must be held to the highest of security standards.
For example, regular penetration testing is one of the most basic measures that should be carried out by all
government agencies controlling personal data - it should be made clear if this is currently practiced, as the intrusion analyst who first reported these leaks claims that his previous efforts to inform the agencies about these leaks were not taken seriously.
Secondly, the fact that ten different government databases are accessible through a single API suggests that it may not have been designed with the highest security standards in mind. There should be
an emphasis on security by design and privacy by design for public digital services.
2. Transparency is paramount
The fact that myIDENTITY depends on citizens voluntarily updating their personal data makes a potential breach even more consequential for public trust. Trust needs to be earned - people will be less willing to offer their personal data if they cannot be confident in the government’s ability and willingness to protect it. The most important element in building trust is to be transparent. Estonia, a world leader in e-government, has illustrated this point time and again by being fully transparent about (i) the way they use citizens’ data (use cases) and (ii) data breaches or other shortcomings. If the Malaysian government truly wants to provide better digital public services, it would do well to practice this level of transparency.
3. Invest in cybersecurity, review PDPA
The government’s ‘Cloud First’ strategy and MyDigital policy, which intends to migrate 80% of public data to hybrid cloud systems by the end of 2022, must include serious investment in cybersecurity in the public sector. We must also review our data protection laws and update the Personal Data Protection Act (PDPA) with particular attention to the question of the PDPA’s applicability to federal and state governments. One of the key provisions we need to adopt (made evident by these events) is the requirement to inform data subjects when a breach has occurred.
Whilst it is encouraging to note that the government is keen to create a more digital nation, this can only be done if our digital policies are fit for purpose with sufficient attention paid to data security. We need assurance (including in the law) that our personal data will be properly secured before further data centralisation happens and it is only by building trust would the people embrace the necessary digital disruption.
* SERI is a non-partisan think-tank dedicated to the promotion of evidence-based policies that address issues of inequality, particularly at the intersection of technology and society
**The views and opinions expressed in this article are those of the author(s) and do not necessarily reflect the position of Astro AWANI.
Astro Awani
Fri Oct 01 2021
Whilst it is encouraging to note that the government is keen to create a more digital nation, this can only be done if our digital policies are fit for purpose with sufficient attention paid to data security, says think-tank SERI - File Pic
ISIS Malaysia's perspective of Budget 2025
An excellent rakyat-centric budget under the overarching principle of a caring and humane economy.
Budget 2025: Record increase in STR, SARA aid initiatives
The government will provide a significant boost to the Sumbangan Tunai Rahmah (STR) and Sumbangan Asas Rahmah (SARA) initiatives next year.
Budget 2025: EPF contributions to be made mandatory for foreign workers – PM Anwar
The government plans to make it compulsory for all non-citizen workers to contribute to the Employees Provident Fund (EPF).
What policies to expect from Indonesia's new President Prabowo
Prabowo will be open to foreign investment, his aide has said, such as by offering investors management of airports and sea ports.
Budget 2025: Govt allocates RM470 mil to empower women's participation in PMKS
The Women's Leadership Apprenticeship Program will be intensified as an effort to produce more female corporate personalities.
Israel sends more troops into north Gaza, deepens raid
Residents of Jabalia in northern Gaza said Israeli tanks had reached the heart of the camp, using heavy air and ground fire.
Indonesia ramps up security ahead of Prabowo's inauguration
Prabowo Subianto will be sworn in as Indonesia's president on Sunday with Vice President-elect, Gibran Rakabuming Raka, also taking office.
Immediate allocation of RM150 mil for local authorities, DID to tackle flash floods
Datuk Seri Anwar Ibrahim said this allocation is intended to address the recent flash floods that hit the capital and several major towns.
Budget 2025: Sabah, Sarawak to continue receiving among highest allocations - PM
Sabah and Sarawak continues to be prioritised under Budget 2025, with allocations of RM6.7 billion and RM5.9 billion respectively.
NFOF will be operational in November 2024 with funding of RM1 bil
PM Anwar Ibrahim said NFOF will support venture capital fund managers to invest in startup companies with RM300 million set aside for 2025.
Minimum wage to increase to RM1,700 effective Feb 1, 2025
The Progressive Wage Policy would be fully enforced next year with an allocation of RM200 million, benefiting 50,000 workers.
Bursa Malaysia ends higher on Budget 2025 optimism
The benchmark index, which opened 1.85 points higher at 1,643.29, moved between 1,641.71 and 1,649.31 throughout the trading session.
Five important aspects relating to people’s lives in Budget 2025 - PM
The focus is on driving the MADANI Economy, speeding reforms, cutting red tape, raising wages, and tackling the cost of living.
Economic outlook: Govt plans to leverage, expand existing city transit system
The expansion aims to provide a more efficient and reliable public transportation network, reduce congestion, and improve accessibility.
Economic outlook: Budget 2025 to lay foundation for a digital-driven economy
The report said Budget 2025 will entail efforts to position Kuala Lumpur as a top 20 global startup hub by 2030 through the KL20 initiative.
Economic outlook: Corruption and lack of accountability hinder economic progress
Special Cabinet Committee on National governance is established to curb corruption, law reforms to modernise outdate regulations, MoF said.
National Wages Consultative Council will be strengthened
The govt will also incentivise hiring women returning from career breaks, offer job matching and improve care services facilities.
Economic outlook: Ensuring 11 years of compulsory education for all children
Budget 2025 will continue prioritising upskilling and retraining initiatives to equip workers with the latest skill sets necessary.
Consolidated public sector projected to record lower surplus of RM41.7 bil 2024
The MoF said the consolidated general government revenue is estimated to increase slightly to RM384.7 billion in 2024.
PM announces substantial Budget 2025 hastening Malaysia to become Asian economic powerhouse
Datuk Seri Anwar Ibrahim said it would create jobs and also tackle financial leakages to enhance public spending efficiency.