Safeguarding Consumers Privacy in Malaysia's Digital Economy Landscape
Article Sidebar
Main Article Content
Abstract
This study aims to explore the extent of application of the Personal Data Protection Act 2010 (PDPA) in Malaysia with regard to protecting privacy and avoiding the misuse of personal data when it comes to consumers buying from businesses operating through online platforms. It intends to determine the challenges faced by e-commerce platforms in ensuring the protection of private data from cyber-attacks and cyber troops and the issue of regulating cross-border data flows. This study also compares the PDPA with the European Union’s General Data Protection Regulation (GDPR) and Australia’s Privacy Act 1988 to identify improvements to the PDPA to make it more comprehensive and cater to the e-commerce industry. The study reveals that the PDPA provides protection for consumers buying from online platform businesses. However, there is a need for proactive cybersecurity measures by the online platforms operators to ensure the private data of the consumers are protected from cyber-attacks. Cross-border data flow is also a concern due to the lack of rules between nations on the mechanism to regulate data across borders. The EU’s GDPR is a possible solution, which also strengthens data protection and business opportunities in the digital market which is lacking in the PDPA. It would also be beneficial for Malaysia to look into Australia’s Privacy Act 1988 as a benchmark for how non-EU state legislation adapts to the GDPR. These reforms ensure alignment with the SDG goals.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
References
Adams, M. (2017). Big data and individual privacy in the age of the Internet of Things. Technology Innovation Management Review, 7(4), 12-24. https://doi.org/10.22215/timreview/1067
Alibeigi, A., & Munir, A. B. (2022). A decade after the Personal Data Protection Act 2010 (PDPA): Compliance of communications companies with the notice and choice principle. Journal of Data Protection & Privacy, 5(2), 119-137. https://doi.org/10.69554/YQUG8122
Alibeigi, A., Munir, A. B., & Asemi, A. (2021). Compliance with Malaysian Personal Data Protection Act 2010 by banking and financial institutions, a legal survey on privacy policies. International Review of Law, Computers & Technology, 35(3), 365-394. https://doi.org/10.1080/13600869.2021.1970936
Bakar, N. A., Rosbi, S., & Uzaki, K. (2020). E-wallet transactional framework for digital economy: A perspective from Islamic financial engineering. International Journal of Management Science and Business Administration, 6(3), 50-57. https://doi.org/10.18775/ijmsba.1849-5664-5419.2014.63.1005
Basarudin, N. A., Yeon, A. L., Mohamed Yusoff, Z., Md Dahlan, N. H., & Mahdzir, N. (2017). Smart home user's information in cloud system: A comparison between Malaysian personal data protection act 2010 and EU general data protection regulation. Malaysian Construction Research Journal, 2(2), 209-222. https://www.cream.my/data/cms/files/MCRJ%20SI%20Vol%202%20No_2%202017.pdf#page=220
Beh, L. S. (2019, March 8-9). Digital economy: A paradise or threat in the new norm? [Conference presentation]. 4th Asia-Pacific Public Policy Network Conference (AP-PPN 2019), Hong Kong, China. http://eprints.um.edu.my/id/eprint/20770
Bin Noor Azman, M. A., & Awang, M. N. (2020). Personal data protection of predictive analytics in online shopping: From Malaysian legal perspective. In The 3rd International Conference of the Postgraduate Students and Academics in Syariah and Law 2020 (INPAC 2020) (pp. 78-86). https://oarep.usim.edu.my/entities/publication/87c79eee-f70d-4a54-9843-e013c7038b87
Casalini, F., & Lopez Gonzalez, J. (2019). Trade and cross-border data flows (OECD Trade Policy Papers, No. 220). OECD Publishing. https://doi.org/10.1787/b2023a47-en
Chua, H. N., Herbland, A., Wong, S. F., & Chang, Y. (2017). Compliance to personal data protection principles: A study of how organizations frame privacy policy notices. Telematics and Informatics, 34(4), 157-170. https://doi.org/10.1016/j.tele.2017.01.008
Darmatama, M., & Erdiansyah, R. (2021). The influence of advertising in Tiktok social media and beauty product image on consumer purchase decisions. In Proceedings of the International Conference on Economics, Business, Social, and Humanities (ICEBSH 2021) (pp. 888-892). Atlantis Press. https://doi.org/10.2991/assehr.k.210805.140
European Data Protection Supervisor. (n.d.). The history of the General Data Protection Regulation. https://www.edps.europa.eu/data-protection/data-protection/legislation/history-general-data-protection-regulation_en
Fefer, R. F. (2020). Data flows, online privacy, and trade policy (Report No. 45584). Congressional Research Service. https://www.congress.gov/crs-product/R45584
Foerster-Metz, U. S., Marquardt, K., Golowko, N., Kompalla, A., & Hell, C. (2018). Digital transformation and its implications on organizational behavior. Journal of EU Research in Business, Article 340873. https://doi.org/10.5171/2018.340873
Gelman, L. (2009). Privacy, free speech, and blurry-edged social networks. Boston College Law Review, 50(5), 1315-1344. https://bclawreview.bc.edu/articles/953
Green, J. (2022). Cybersecurity challenges in the digital age. International Multidisciplinary Journal of Science, Technology & Business, 1(4), 19-23. https://imjstb.com/index.php/Journal/article/view/22
Groppe, S., Kuhr, F., & Coskun, M. A. (2018). Anonymous shopping in the Internet by separation of data. Open Journal of Web Technologies, 5(1), 14-22. https://d-nb.info/1168144469/34
Hsu, C.-L., & Lin, J. C.-C. (2016). Exploring factors affecting the adoption of Internet of Things services. Journal of Computer Information Systems, 58(1), 49-57. https://doi.org/10.1080/08874417.2016.1186524
Kamaruddin, S., Mohammad, A. M., Saufi, N. N. M., Rosli, W. R. W., Othman, M. B., & Hamin, Z. (2023). Compliance to GDPR data protection and privacy in artificial intelligence technology: Legal and ethical ramifications in Malaysia. In 2023 International Conference on Disruptive Technologies (ICDT) (pp. 284-288). IEEE. https://doi.org/10.1109/ICDT57929.2023.10150615
Kosimov, J., & Ruziboyeva, G. (2022). The role of the digital economy in the world. Scientific Progress, 3(2), 435-441. https://cyberleninka.ru/article/n/the-role-of-the-digital-economy-in-the-
Liu, Z., Iqbal, U., & Saxena, N. (2022). Opted out, yet tracked: Are regulations enough to protect your privacy? ArXiv. https://doi.org/10.48550/arXiv.2202.00885
Malaysian Communications and Multimedia Commission. (2024). Internet users survey 2022. https://www.mcmc.gov.my/skmmgovmy/media/General/IUS-2022.pdf
Mohamad, A., Angsor, M. A. M., Adi, M. N. M., & Min, A. T. J. (2025). Malaysia's e-commerce landscape: Legal structures and operational hurdles. In International Conference on Medical Imaging, Electronic Imaging, Information Technologies, and Sensors (MIEITS 2025) (Vol. 13631, pp. 189-196). SPIE. https://doi.org/10.1117/12.3059023g
Mohamed, D. B. (2012). Sustaining the right to privacy in e-commerce environment: The legal approach. OIDA International Journal of Sustainable Development, 5(1), 97-106. http://oidaijsd.com/wp-content/uploads/2019/04/05-01-10.pdf
Othman, M. B. B., & Samah, M. F. B. A. (2022). The Australian Privacy Act 1988: Lesson to be learned. Malaysian Journal of Social Sciences and Humanities (MJSSH), 7(9), Article e001766. https://doi.org/10.47405/mjssh.v7i9.1766
Polyakov, M., & Kovshun, N. (2021). Diffusion of innovations as a key driver of the digital economy development. Baltic Journal of Economic Studies, 7(1), 84-92. https://cyberleninka.ru/article/n/diffusion-of-innovations-as-a-key-driver-of-the-digital-economy-development
Prasetyoningsih, N., Ismail Nawang, N., Putri, W. V., & Amirullah, M. N. R. (2024). Legal protection for the personal data in Indonesia and Malaysia. In International Conference on Human-Computer Interaction (pp. 161-169). Springer Nature Switzerland. https://doi.org/10.1007/978-3-031-61379-1_11
Ramaiah, A. K. (2019). Competition in digital economy: Fate of consumer welfare in Malaysia. Malaysian Journal of Consumer and Family Economics, 22(S1), 223-245. https://www.majcafe.com/competition-in-digital-economy-fate-of-consumer-welfare-in-malaysia/
Robinson, S., Chai, W., & Stedman, C. (2023, December 20). Big data analytics. Business Analytics. https://www.techtarget.com/searchbusinessanalytics/definition/big-data-analytics
Ruschemeier, H. (2023). Data brokers and European digital legislation. European Data Protection Law Review, 9(1), 27-38. https://doi.org/10.21552/edpl/2023/1/7
San, T. P. (2020). Predictions from data analytics: Does Malaysian data protection law apply? Information & Communications Technology Law, 29(3), 291-307. https://doi.org/10.1080/13600834.2020.1759276
Segado-Boj, F., & Diaz-Campo, J. (2020). Social media and its intersections with free speech, freedom of information and privacy: An analysis. Icono 14, 18(1), 231-255. https://www.redalyc.org/journal/5525/552562132011/html/
Sidi Ahmed, S. M., & Zulhuda, S. (2019). Data protection challenges in the Internet of Things era: An assessment of protection offered by PDPA 2010. International Journal of Law, Government and Communication, 4(17), 1-12. https://doi.org/10.35631/ijlgc.417001
Smith, R. B., Perry, M., & Smith, N. N. (2021). Three shades of data: Australia, Philippines, Thailand. Singapore Journal of Legal Studies, (1), 76-99. https://heinonline.org/HOL/P?h=hein.journals/sjls2021&i=77
Sureani, N. B. N., Qurni, A. S. B. A., Azman, A. H. B., Othman, M. B. B., & Zahari, H. S. B. (2021). The adequacy of data protection laws in protecting personal data in Malaysia. Malaysian Journal of Social Sciences and Humanities, 6(10), 488-495. https://doi.org/10.47405/mjssh.v6i10.1087
Thetbanthad, P., Sathanarugsawait, B., & Praneetpolgrang, P. (2025). Automated redaction of personally identifiable information on drug labels using optical character recognition and large language models for compliance with Thailand's Personal Data Protection Act. Applied Sciences, 15(9), Article 4923. https://doi.org/10.3390/app15094923
UNDP. (n.d.). What are the Sustainable Development Goals?. https://www.undp.org/sustainable-development-goals
United Nations. (n.d.). Goal 9: Build resilient infrastructure, promote sustainable industrialization and foster innovation. Sustainable Development Goals. https://www.un.org/sustainabledevelopment/infrastructure-industrialization/
Wolff, J., & Atallah, N. (2021). Early GDPR penalties: Analysis of implementation and fines through May 2020. Journal of Information Policy, 11, 63-103. https://doi.org/10.5325/jinfopoli.11.2021.0063
Xian, C. Y., Chua, W. H., Chua, C. J., Chuah, Y. C., Tan, M. N., Azzabilla, A., Risky, A. F., Oktavianti, A., & Ramadani, M. G. P. (2023). How online shopping on Shoppe platform affects the consumer behavior in Malaysia: An exploratory survey. Journal of the Community Development in Asia, 6(3), 414-426. https://doi.org/10.32535/jcda.v6i3.2548
Yuvaraj, S., & Sheila Eveline, N. (2018). Consumers' perception towards cashless transactions and information security in the digital economy. International Journal of Mechanical Engineering and Technology, 9(7), 89-96. https://iaeme.com/MasterAdmin/Journal_uploads/IJMET/VOLUME_9_ISSUE_7/IJMET_09_07_010.pdf