Data breaches: How they compromise your rights and what should be done to stop them — Ellen Hays

BY ELLEN HAYS 

Photo by Ilya Pavlov on Unsplash

Recent data breaches in Malaysia have made for dramatic news headlines. But what exactly is a data breach? And how can they affect your life?

Data breaches may seem like a remote, technological issue that is irrelevant to our everyday lives. You may be surprised to learn that data breaches are an important human rights issue that can touch upon the lives of everyone. Read more

Experts: Laws, greater vigilance sorely needed to curb data breach

Source: Free Malaysia Today

PETALING JAYA: The founder of tech portal Lowyat.net Vijandren Ramadass has lamented the lack of laws in Malaysia that outline what organisations should do in the event of a data breach.

The European Union, for instance, is drafting a general data protection regulation.

The United States already has laws that require companies to notify those affected by their data breaches, a report in Today Online said.

In October last year, Vijandren uncovered a major data leak in Malaysia said to have affected almost every Malaysian and possibly millions of tourists.

He had discovered the leak when a user tried to sell the data on the portal’s forum.

The leaked data, which cybersecurity experts have said was extensive enough to allow criminals to create fraudulent identities to make online purchases, included lists of mobile phone numbers, identification card numbers, home addresses, and SIM card data of 46.2 million customers.

Read more

Review Data Act so action can be taken against government for misconduct, Putrajaya told

Source: Malay Mail Online

KUALA LUMPUR, Feb 6 — A group consisting of civil societies and “concerned individuals” today called for the Personal Data Protection Act 2010 to be reviewed so that federal and state governments will be held responsible for any leaks of personal data that they collect.

The group of 13 organisations and four individuals said the recent cases of data leak show that the Act, short for PDPA, must be reviewed to include governments and government agencies in order to mitigate future breaches.

Read more

MCMC and Nuemera sued over 2014 data breach

Source: Malay Mail Online

KUALA LUMPUR, Feb 7 ― PKR communications director Fahmi Fadzil filed a civil suit against the Malaysian Communications and Multimedia Commission (MCMC) and Nuemera (M) Sdn Bhd yesterday for alleged failure to protect 46.2 million personal information.

The suit was triggered by a massive date breach that is believed to have occurred in 2014.

“In this digital era, our personal infomation has become the basis of our day to day transaction. The public needs to know that they can trust and feel confident about the institutions and parties who are entrusted of such duties, can stay true to their responsibilities.

Read more

Report: Asean not spending enough on cybersecurity

Source: Free Malaysia Today

PETALING JAYA: Although awareness of digital attacks is high, Asean countries including Malaysia are not spending enough on cybersecurity, a global consulting firm says.

In a report released on Tuesday, AT Kearney said in 2017, Asean countries collectively spent only 0.06% of their GDP, or US$1.9 billion (RM7.4 billion), on cybersecurity.

This was in contrast to the global average of 0.13%.

Read more

To fight crime, let’s have a national CCTV policy

Source: The Star Online

Picture of camera

Picture drawn from The Star Online

SUBANG JAYA: The Malaysian Crime Prevention Foundation (MCPF) has proposed that the Government establish a national policy on closed-circuit television (CCTV).

Its vice-chairman Datuk Seri Ayub Yaakob said the proposal was made during the one-day Selangor MCPF townhall discussion on effective strategies in prevention of crime and drug abuse here Saturday.

“We have seen billions of ringgit being spent and CCTVs installed everywhere, but none of them followed any regulation or policy to assist in crime prevention and criminal investigations.

“Therefore, we urge the Government to formulate a policy as a means of regulating CCTVs as has been implemented in developed countries such as Japan, South Korea and the United Kingdom,” he told a press conference after the discussion.

Read more

UN expert urges states to work toward cyber surveillance treaty

Source: FMT News

As violations on online privacy increases, more needs to be done to enhance protection against surveillance -- pic taken from FMT News

As violations on online privacy increases, more needs to be done to enhance protection against cyber-surveillance — pic taken from FMT News

NEW YORK: The world needs an international treaty to protect people’s privacy from unfettered cybersurveillance, which is being pushed by populist politicians preying on fear of terrorism, according to a UN report debated on Wednesday.

The report, submitted to the UN Human Rights Council by the UN independent expert on privacy, Joe Cannataci, said traditional privacy safeguards such as rules on phone tapping were outdated in the digital age.

“It’s time to start reclaiming cyberspace from the menace of over-surveillance,” Cannataci told the Council.

With governments worldwide demanding data from firms such as Microsoft, Google, Facebook, Apple and Twitter, it did not make sense to rely entirely on US legal safeguards, and creating an “international warrant” for data access or surveillance would unify global standards, he said.

“What the world needs is not more state-sponsored shenanigans on the Internet but rational, civilized agreement about appropriate state behavior in cyberspace,” the report said. “This is not utopia. This is cold, stark reality.” Read more

Putrajaya enggan jawab dakwaan beli teknologi untuk risik rakyat

Sumber: The Malaysian Insider

Putrajaya tidak menjawab sama ada sudah membeli satu alat teknologi daripada “Hacking Team” untuk merisik rakyat sendiri dengan mengatakan data peribadi dan kerahsiaan rakyat sentiasa terjaga.

Menjawab soalan Ahli Parlimen Klang Charles Santiago, Menteri Komunikasi Dan Multimedia Datuk Seri Salleh Said Keruak mengatakan kerajaan sentiasa mempertahankan dan menjamin hak rakyat Malaysia terpelihara.

“Di Malaysia, data peribadi dan kerahsiaan rakyat dilindungi supaya tidak disalahgunakan.

“Tindakan tegas akan diambil melalui undang-undang sedia ada bagi menjamin hak rakyat Malaysia sentiasa terpelihara,” kata jawapan bertulis beliau di Dewan Rakyat hari ini. Read more

Putrajaya bought spyware from Hacking Team, leaked info shows

Source: The Malaysian Insider

Leaked information posted on Hacking Team’s own Twitter feed shows its Malaysian customers. – medium.com pic, July 7, 2015.

Leaked information online revealed that the Malaysian government was among the countries buying services from Milan-based hackers, Hacking Team, who have been selling software to repressive governments to spy on their citizens.

This was revealed after Hacking Team itself became the victim of a major hack over the weekend, where the leaked information, including its client list, was posted on its own Twitter feed.

According to a posting by Twitter user @obeselowlife on blogging website medium.com, Malaysian Intelligence and the Prime Minister’s Office are clients of the Hacking Team.

The Malaysian Anti-Corruption Commission (MACC) was a former client but invoices uploaded by Twitter user @SynAckPwn showed that the contract with the anti-graft body had lapsed, the posting said.

The leaked invoices also indicated that the purchases were routed through a Malaysian surveillance tech reseller in Shah Alam – Miliserv Technologies. Read more