logging in or signing up ICT LAw sitihonda Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 174 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: May 17, 2011 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Slide 1: 1 MALAYSIAN CYBERLAWS AND THEIR IMPLEMENTATION 21 JUNE 2004 By Mohamed Nor Hj. Abd Aziz Ministry of Energy, Water and Communications SABAH STATE GOVERNMENT CIO CONFERENCE 2004Slide 2: 2 Outline of Presentation . 1. Introduction 2. Malaysian cyber laws 3. Where we are Moving Forward New Statutes Other requirements to ensure a smooth transition to the new economy 5. ConclusionICT INDUSTRY DEVELOPMENT IN MALAYSIA: 3 Pre-1987 1987 Privatisation 1993 Market Liberalisation New Service Providers NITC NITA 1994 1996 ICT Industry Development spearheaded by MSC 1997 Cyber Laws Computer Crime Act 1997 Digital Signature Act 1997 1998 Post 2003 Towqrds connected society Ubiquitous computing Government as provider of services (Telekom) Convergence Policy Communica-tions and Multimedia Act (Act 588) Shift towards market liberalisation Convergence of c ommunications and multimedia industry ICT INDUSTRY DEVELOPMENT IN MALAYSIASlide 4: 4 Appropriate legal and technical infrastructure is a prerequisite to a smooth transition to the conduct of transactions via the electronic media. How do we ensure that our laws facilitate and not impede our transition to the digital economy? REQUIREMENT FOR LEGAL AND TECHNICAL INFRASTRUCTURETHE CYBERLAWS: 5 THE CYBERLAWSSupportive Cyber-laws: 6 Supportive Cyber-laws Amendments of Statutes 1. Communications and Multimedia (Amendment) Bill 2004 2. Communications and Multimedia Commission (Amendment) Bill 2004. Proposed Statutes 1. Personal Data Protection Act 2. Electronic Transactions Act (ETA) 3. E-Government Activities Act (EGA) 4. New Subsidiary Legislations Existing Statutes Communications and Multimedia Act 1998(CMA) 2. Malaysian Communications and Multimedia Commission Act 1998 3. Digital Signature Act 1997 4. Computer Crimes Act 1997 5. Copyright Act (Amendment) Act 1997 6. Telemedicine Act 1997 7. Optical Discs Act 2000Slide 7: 7 MAIN FEATURES COMMUNICATIONS AND MULTIMEDIA ACT 1998 The “mother” cyber law that provides for legislative, regulatory and institutional framework to cater for the convergence of the telecommunications, broadcasting and computing industries. Pro-Competition Transparent Less Regulation Flexible and Generic Emphasize Process Rather than Content Industry Self-Discipline Regulatory ForebearanceSlide 8: 8 Licence Individual Class 1. Network Facilities 2. Network Services 3. Content Application Services 4. Application Services NEW LICENSING STRUCTURE REGULATORY FRAMEWORKLICENSES ISSUED UNDER ACT 588: Kementerian Tenaga, Komunikasi dan Multimedia 9 LICENSES ISSUED UNDER ACT 588 LICENSE INDIVIDUAL CLASS Network Facilities Provider (NFP) 31 24 Network Service Provider (NSP) 30 24 Application Service Provider (ASP) 80 95 Content Application Service Provider (CASP) 20 - TOTAL 161 143 NEW AND MIGRATION LICENSES UNDER ACT 588 (INDIVIDUAL LICENSES): NEW AND MIGRATION LICENSES UNDER ACT 588 (INDIVIDUAL LICENSES) LICENSES MIGRATION NEW TOTAL Network Facilities Provider (NFP) 20 11 31 Network Service Provider (NSP) 19 11 30 Application Service Provider (ASP) 16 64 80 Content Application Service Provider (CASP) 19 1 20 Total 74 87 161 Catatan: Sehingga Mei 2004DEVELOPMENT SINCE ACT 588 : Kementerian Tenaga, Komunikasi dan Multimedia 11 VISIBLE INCREASE IN CELLULAR PENETRATION - From 12% or 2.7 million subscribers in 1999 to 43.6% or 11 million subscribers in 2003* INCREASE IN INTERNET USERS - From 2.0 million in 1999 to 8.7 million in 2003* MORE CHOICES FOR CONSUMERS AND LOWER COSTS OF SERVICES Streamyx service reduced by 30% Lower charges for mobile services More “free to air” TV stations – Channel 9, 8TV (*) – Statistik sehingga Dis 2003 DEVELOPMENT SINCE ACT 588Slide 12: 12 MINISTER MECM TRIBUNAL MCMC INDUSTRY FORUMS INSTITUTIONAL FRAMEWORKSlide 13: 13 Power to establish an independent body to: 1. Enforce legislation (CMA 1998) 2. Regulate industry 3. Promote Industry Development 4. Promote Industry Self-Regulation COMMUNICATIONS AND MULTIMEDIA COMMISSION ACT 1998Slide 14: 14 An Act to legalise digital signature Facilitate e-commerce and secure on- line transaction through the use of digital signatures Establishment of Certification Authority as the body responsible in issuing PKI, Private key, warranties and liabilities. DIGITAL SIGNATURE ACT 1997Slide 15: 15 The Act provides for: protection to companies, government and individuals from computer crimes in the digital era; clear definitions on criminal activities related to use of computers such as cyber fraud, illegal access, interceptions, and illegal use of computers. COMPUTER CRIME ACT 1997Slide 16: 16 Financial Institutions 67% Education 18% Government 10% Non-Profit Organisation 5% Cyber crime incidents by organisation Increase in Cyber Crime Source: Niser Cyber crime 2002 2003 % Hacking threats 262 367 40 Virus 260 449 73Slide 17: 17 Under-reporting of cyber crimes: Maintaining their business and making profit; Unwillingness to go through the legal process; Expose confidential business information; No provision for victim to receive restitution for the damage suffered. COMPUTER CRIME ACT 1997Slide 18: 18 Provides protection for multimedia works. Reflects up-to-date developments in copy rights issue. Clarify legal issues in digital transmission, use of multimedia and its components. COPYRIGHT ACT (A) 1997Slide 19: 19 Provisions to regulate telemedicine activities: Registration for practitioners; Telemedicine practices by foreign practitioners; and Medical data management and electronic prescription TELEMEDICINE ACT 1997 WHERE WE ARE: 20 WHERE WE AREICT INDUSTRY: 21 Market Size RM 17 Bilion RM 2.2 Bilion Sector RM 13.8 Bilion Networked Facilities and Services Application Services e.g voice, data, web, texts etc. Content Application Services (Broadcasting) Main Companies TMB, MAXIS, DiGi, Celcom, Time, JARING,etc TV1, TV2, TV3, NTV7, ASTRO, ERA, etc. TMNet, TMB, MAXIS, Redtone,etc. Source – KTKM/Industry Estimates, 2003 Total – RM 33 Bilion ICT INDUSTRYSlide 22: 22 CELLULAR PENETRATION BETWEEN SELECTED COUNTRIES 2002 Source: ITU@2003Slide 23: 23 COMPUTER AND INTERNET PENETRATION Computer Ownership - 4.2 Juta (16.7 %) Internet Penetration - 2.9 Juta (11.4 %) Sumber : MCMCSlide 24: 24 INTERNET PENETRATION BETWEEN SELECTED COUNTRIES 2002 Source: ITU@2003Slide 25: 25 BROADBAND PENETRATION RATES (%) AMONG SELECTED ASIAN COUNTRIES IN 2002 Source: Frost & Sullivan 1.5m 14.5m 196k 19k 465k 640kSlide 26: 26 BROADBAND SUBSCRIBERS IN MALAYSIA 2003 MOVING FORWARD: 27 MOVING FORWARDSlide 28: 28 HARMONIZATION OF LAWS WITH CYBER-LAWS A study on the harmonization of laws with cyber laws was undertaken in 2001. RECOMMENDED MEASURES: Proposed amendments to existing laws; Introduction of new laws; Policy considerations; and International initiatives.Slide 29: 29 AMENDMENT OF STATUTES . THE COMMUNICATIONS AND MULTIMEDIA (AMENDMENT) BILL 2003 PURPOSE OF AMENDMENTS: TO INSERT THE NECESSARY SUBSTANTIVE PROVISIONS FOR THE ESTABLISHMENT OF AN INDEPENDENT APPEAL TRIBUNAL; AND TO STRENGHTHEN THE CURRENT REGULATORY AND LICENSING REGIME.Slide 30: 30 AMENDMENTS - SUBSIDIARY LEGISLATIONS UNDER THE COMMUNICATIONS AND MULTIMEDIA ACT 1998 Communications and Multimedia (Licensing) Regulations 2000; Communications and Multimedia (Spectrum) Regulations 2000; Communications and Multimedia (Technical Standards) Regulations 2000; Communications and Multimedia (Spectrum) (Exemption) Order 2000; Communications and Multimedia (Licensing) (Exemption) Order 2000 Communications and Multimedia (USP) Regulations 2002 Communications and Multimedia (Rates) Rules 2002 Notification of Issuance of Class AssignmentsSlide 31: 31 THE MALAYSIAN COMMUNICATIONS AND MULTIMEDIA COMMISSION (AMENDMENT) BILL 2004 PURPOSE : TO INCREASE THE NUMBER OF MEMBERS OF THE COMMISSION AND EXTEND THEIR TENURE OF OFFICE; AND TO ENABLE THE CMC FUND TO BE EXPENDED FOR THE PURPOSE OF IMPLEMENTING ANY PROJECTS IDENTIFIED BY THE MINISTER TO INCREASE ACCESS.Slide 32: 32 To provide legal certainty for e-transactions undertaken by businesses or Government, two new legislations will be introduced:- Electronic Transactions Bill – to address electronic transactions and communications. E-Government Activities Bill – to support and promote electronic government. ENACTMENT OF NEW LAWS Electronic Transactions Bill : 33 Electronic Transactions Bill Aim: To give legal recognition to electronic communications and facilitate electronic commerce. Primary Focus: All forms of online commercial activity which are undertaken by companies, individuals or the Government. Principles: Achieving functional equivalence – as far possible, paper based commerce and electronic commerce should be treated equally by the law; and The related principle of ensuring technology neutrality Electronic Transactions Bill : 34 Electronic Transactions Bill Main Operative Provisions: Legal recognition of electronic communications Legal recognition of electronic signatures Legal recognition of electronic documents as originals Attribution of electronic communications Record retention and management requirement Formation, validity, time and place of contracting Automated transactions and electronic agents Correction of errors Relationship of Members of a Digital Market; and Applicable Law for Tortuous Liability.Electronic Government Activities Bill (EGA): 35 Electronic Government Activities Bill (EGA) EGA was proposed to enable functions or transactions between the various government agencies and the citizenry to be undertaken electronically, whilst ensuring a uniform legal standard for activities to be undertaken electronically. The EGA allows the Government to set down rules on the manner of electronic dealings from and to the public.Electronic Government Activities Bill (EGA): 36 Electronic Government Activities Bill (EGA) Characteristics: - An enabling Act - Supplement existing statutory provisions - Consistent approach to public e-dealings. - Unique policy requirements of agencies can be addressed. - Technology Neutral - Relevance of Act. - Flexibility - Applies only when agency “e-enables” the statute. - Choice as to the mode of transaction by govt agencies and the public.Electronic Government Activities Bill: 37 Electronic Government Activities Bill Some salient provisions of the Bill: Legal recognition of electronic information. Minister’s powers to issue IT Instructions / guidelines relating to minimum criteria for IT standards and electronic signatures, systems for recording time, acknowledging receipt of electronic documents or information, suitable security measures etc. Designation by Minister / Agency. Special Agency Requirements. Sets out uniform rules which are applied to any designated Act, unless specifically excluded or modified.Electronic Government Activities Bill: 38 Electronic Government Activities Bill Advantages and possibilities: On-line technology has the potential to break down traditional barriers such as distance faced by the population; Businesses and citizens will have improved access to the Government; and Integrated Government services and action.Electronic Government Activities Bill (EGA): 39 Electronic Government Activities Bill (EGA) EGA was proposed to enable functions or transactions between the various government agencies and the citizenry to be undertaken electronically, whilst ensuring a uniform legal standard for activities to be undertaken electronically. The EGA allows the Government to set down rules on the manner of electronic dealings from and to the public. ENSURING ON-LINE TRUST AND CONFIDENCE: 40 ENSURING ON-LINE TRUST AND CONFIDENCE Two aspects related to on-line trust and confidence: - Privacy and personal data protection (PDP); and Security of electronic transactions. PRIVACY AND INFORMATION SECURITYSlide 41: 41 PDP - Protect personal data Promote secured electronic environment Encourage electronic transactions Enhance consumer trust and confidence PERSONAL DATA PROTECTION BILLThe challenge: 42 The challengeSlide 43: 43 Malaysia favors the adoption of a modified version of the US Safe Harbor. THE GLOBAL PDP SCENARIO Countries deemed adequate by the EU are: Countries in the EU itself except France and Ireland, Hungary, Switzerland, US Safe Harbor and Canada.Slide 44: 44 Notice Principle - Notice about the purposes and uses of personal data; how to contact and disclosure to third parties . Choice principle - the choice to opt out in relation to disclosure and use of personal data Choice principle (sensitive data) - the choice to opt in in relation to disclosure and use of sensitive personal data Disclosure principle - Notice principle and choice principle shall be applied for disclosure. MALAYSIAN PDP PRINCIPLES (MODIFICATION OF SAFE HABOR ARRANGEMENT)Slide 45: 45 Data integrity principle - Personal data shall be relevant, reasonable and compatible. Access principle - Access allowed unless it falls within the prescribed exceptions. Enforcement principle - Ensure clear, understandable and transparent mechanisms for compliance with the PDP principles. Security principle - Reasonable precautions to ensure security.Slide 46: 46 Reasons: Australia, Hong Kong, Taiwan, New Zealand not considered because not adequate Hungary and Switzerland not considered because not common law system UK and Canada not considered because complicated and onerousPrivacy is about good information practices: 47 Privacy requires effective Security.... ....but effective Security does not guarantee effective Privacy Privacy is about good information practicesPrivacy is a Shared Responsibility: 48 Roles to play for individuals, industry, and government. Individuals should be able to make informed choices and be protected from harm & fraud Industry should ensure fair information practices. In some areas, Governments must choose whether to limit individual control over data to achieve larger societal benefits (e.g. security, health etc.). A balanced approach enables individuals to benefit from responsible commercial uses of personal information Privacy is a Shared ResponsibilitySlide 49: 49 The regime is adequate Protection from review and changes to the EU Directive Not too complicated or burdensome EU non discriminatory stand on adequacy US Safe Harbor is considered for the following reasons:Requirement of Integrated Protection Of Cyberspace : 50 Requirement of Integrated Protection Of Cyberspace Logical Security Cryptography Authentication Digital Signature Physical Security Automated Building Perimeters Organizational Security Policy Structure Personnel Operational Security (OPSEC) Work process Special handling Communication Security (COMSEC) Secure network infra Secure comms channel Equipment Security Tempest Proof Robust Tamper Resistant Computer Security Server Client Archive Application Security Secure Messaging Secure voice Wireless Security Radio HF/VHF/UHF Secure GSM, PCN, TETRA Freq hopping, spread spectrum Feedbacks Integrated Action Plan CONCLUSION: 51 CONCLUSIONSlide 52: 52 Cyber laws provide Malaysia with a strong foundation for growth in networked communications, e-businesses and EG; Malaysia is quite advanced in terms of its legislative and regulatory framework to prepare ourselves towards the new economy; However, national legislation on its own will not achieve the desired objectives – development in technical infrastructure, infostructure participation and resolution of issues through global fora . CONCLUSIONSlide 53: 53 Thank You You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
ICT LAw sitihonda Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 174 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: May 17, 2011 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Slide 1: 1 MALAYSIAN CYBERLAWS AND THEIR IMPLEMENTATION 21 JUNE 2004 By Mohamed Nor Hj. Abd Aziz Ministry of Energy, Water and Communications SABAH STATE GOVERNMENT CIO CONFERENCE 2004Slide 2: 2 Outline of Presentation . 1. Introduction 2. Malaysian cyber laws 3. Where we are Moving Forward New Statutes Other requirements to ensure a smooth transition to the new economy 5. ConclusionICT INDUSTRY DEVELOPMENT IN MALAYSIA: 3 Pre-1987 1987 Privatisation 1993 Market Liberalisation New Service Providers NITC NITA 1994 1996 ICT Industry Development spearheaded by MSC 1997 Cyber Laws Computer Crime Act 1997 Digital Signature Act 1997 1998 Post 2003 Towqrds connected society Ubiquitous computing Government as provider of services (Telekom) Convergence Policy Communica-tions and Multimedia Act (Act 588) Shift towards market liberalisation Convergence of c ommunications and multimedia industry ICT INDUSTRY DEVELOPMENT IN MALAYSIASlide 4: 4 Appropriate legal and technical infrastructure is a prerequisite to a smooth transition to the conduct of transactions via the electronic media. How do we ensure that our laws facilitate and not impede our transition to the digital economy? REQUIREMENT FOR LEGAL AND TECHNICAL INFRASTRUCTURETHE CYBERLAWS: 5 THE CYBERLAWSSupportive Cyber-laws: 6 Supportive Cyber-laws Amendments of Statutes 1. Communications and Multimedia (Amendment) Bill 2004 2. Communications and Multimedia Commission (Amendment) Bill 2004. Proposed Statutes 1. Personal Data Protection Act 2. Electronic Transactions Act (ETA) 3. E-Government Activities Act (EGA) 4. New Subsidiary Legislations Existing Statutes Communications and Multimedia Act 1998(CMA) 2. Malaysian Communications and Multimedia Commission Act 1998 3. Digital Signature Act 1997 4. Computer Crimes Act 1997 5. Copyright Act (Amendment) Act 1997 6. Telemedicine Act 1997 7. Optical Discs Act 2000Slide 7: 7 MAIN FEATURES COMMUNICATIONS AND MULTIMEDIA ACT 1998 The “mother” cyber law that provides for legislative, regulatory and institutional framework to cater for the convergence of the telecommunications, broadcasting and computing industries. Pro-Competition Transparent Less Regulation Flexible and Generic Emphasize Process Rather than Content Industry Self-Discipline Regulatory ForebearanceSlide 8: 8 Licence Individual Class 1. Network Facilities 2. Network Services 3. Content Application Services 4. Application Services NEW LICENSING STRUCTURE REGULATORY FRAMEWORKLICENSES ISSUED UNDER ACT 588: Kementerian Tenaga, Komunikasi dan Multimedia 9 LICENSES ISSUED UNDER ACT 588 LICENSE INDIVIDUAL CLASS Network Facilities Provider (NFP) 31 24 Network Service Provider (NSP) 30 24 Application Service Provider (ASP) 80 95 Content Application Service Provider (CASP) 20 - TOTAL 161 143 NEW AND MIGRATION LICENSES UNDER ACT 588 (INDIVIDUAL LICENSES): NEW AND MIGRATION LICENSES UNDER ACT 588 (INDIVIDUAL LICENSES) LICENSES MIGRATION NEW TOTAL Network Facilities Provider (NFP) 20 11 31 Network Service Provider (NSP) 19 11 30 Application Service Provider (ASP) 16 64 80 Content Application Service Provider (CASP) 19 1 20 Total 74 87 161 Catatan: Sehingga Mei 2004DEVELOPMENT SINCE ACT 588 : Kementerian Tenaga, Komunikasi dan Multimedia 11 VISIBLE INCREASE IN CELLULAR PENETRATION - From 12% or 2.7 million subscribers in 1999 to 43.6% or 11 million subscribers in 2003* INCREASE IN INTERNET USERS - From 2.0 million in 1999 to 8.7 million in 2003* MORE CHOICES FOR CONSUMERS AND LOWER COSTS OF SERVICES Streamyx service reduced by 30% Lower charges for mobile services More “free to air” TV stations – Channel 9, 8TV (*) – Statistik sehingga Dis 2003 DEVELOPMENT SINCE ACT 588Slide 12: 12 MINISTER MECM TRIBUNAL MCMC INDUSTRY FORUMS INSTITUTIONAL FRAMEWORKSlide 13: 13 Power to establish an independent body to: 1. Enforce legislation (CMA 1998) 2. Regulate industry 3. Promote Industry Development 4. Promote Industry Self-Regulation COMMUNICATIONS AND MULTIMEDIA COMMISSION ACT 1998Slide 14: 14 An Act to legalise digital signature Facilitate e-commerce and secure on- line transaction through the use of digital signatures Establishment of Certification Authority as the body responsible in issuing PKI, Private key, warranties and liabilities. DIGITAL SIGNATURE ACT 1997Slide 15: 15 The Act provides for: protection to companies, government and individuals from computer crimes in the digital era; clear definitions on criminal activities related to use of computers such as cyber fraud, illegal access, interceptions, and illegal use of computers. COMPUTER CRIME ACT 1997Slide 16: 16 Financial Institutions 67% Education 18% Government 10% Non-Profit Organisation 5% Cyber crime incidents by organisation Increase in Cyber Crime Source: Niser Cyber crime 2002 2003 % Hacking threats 262 367 40 Virus 260 449 73Slide 17: 17 Under-reporting of cyber crimes: Maintaining their business and making profit; Unwillingness to go through the legal process; Expose confidential business information; No provision for victim to receive restitution for the damage suffered. COMPUTER CRIME ACT 1997Slide 18: 18 Provides protection for multimedia works. Reflects up-to-date developments in copy rights issue. Clarify legal issues in digital transmission, use of multimedia and its components. COPYRIGHT ACT (A) 1997Slide 19: 19 Provisions to regulate telemedicine activities: Registration for practitioners; Telemedicine practices by foreign practitioners; and Medical data management and electronic prescription TELEMEDICINE ACT 1997 WHERE WE ARE: 20 WHERE WE AREICT INDUSTRY: 21 Market Size RM 17 Bilion RM 2.2 Bilion Sector RM 13.8 Bilion Networked Facilities and Services Application Services e.g voice, data, web, texts etc. Content Application Services (Broadcasting) Main Companies TMB, MAXIS, DiGi, Celcom, Time, JARING,etc TV1, TV2, TV3, NTV7, ASTRO, ERA, etc. TMNet, TMB, MAXIS, Redtone,etc. Source – KTKM/Industry Estimates, 2003 Total – RM 33 Bilion ICT INDUSTRYSlide 22: 22 CELLULAR PENETRATION BETWEEN SELECTED COUNTRIES 2002 Source: ITU@2003Slide 23: 23 COMPUTER AND INTERNET PENETRATION Computer Ownership - 4.2 Juta (16.7 %) Internet Penetration - 2.9 Juta (11.4 %) Sumber : MCMCSlide 24: 24 INTERNET PENETRATION BETWEEN SELECTED COUNTRIES 2002 Source: ITU@2003Slide 25: 25 BROADBAND PENETRATION RATES (%) AMONG SELECTED ASIAN COUNTRIES IN 2002 Source: Frost & Sullivan 1.5m 14.5m 196k 19k 465k 640kSlide 26: 26 BROADBAND SUBSCRIBERS IN MALAYSIA 2003 MOVING FORWARD: 27 MOVING FORWARDSlide 28: 28 HARMONIZATION OF LAWS WITH CYBER-LAWS A study on the harmonization of laws with cyber laws was undertaken in 2001. RECOMMENDED MEASURES: Proposed amendments to existing laws; Introduction of new laws; Policy considerations; and International initiatives.Slide 29: 29 AMENDMENT OF STATUTES . THE COMMUNICATIONS AND MULTIMEDIA (AMENDMENT) BILL 2003 PURPOSE OF AMENDMENTS: TO INSERT THE NECESSARY SUBSTANTIVE PROVISIONS FOR THE ESTABLISHMENT OF AN INDEPENDENT APPEAL TRIBUNAL; AND TO STRENGHTHEN THE CURRENT REGULATORY AND LICENSING REGIME.Slide 30: 30 AMENDMENTS - SUBSIDIARY LEGISLATIONS UNDER THE COMMUNICATIONS AND MULTIMEDIA ACT 1998 Communications and Multimedia (Licensing) Regulations 2000; Communications and Multimedia (Spectrum) Regulations 2000; Communications and Multimedia (Technical Standards) Regulations 2000; Communications and Multimedia (Spectrum) (Exemption) Order 2000; Communications and Multimedia (Licensing) (Exemption) Order 2000 Communications and Multimedia (USP) Regulations 2002 Communications and Multimedia (Rates) Rules 2002 Notification of Issuance of Class AssignmentsSlide 31: 31 THE MALAYSIAN COMMUNICATIONS AND MULTIMEDIA COMMISSION (AMENDMENT) BILL 2004 PURPOSE : TO INCREASE THE NUMBER OF MEMBERS OF THE COMMISSION AND EXTEND THEIR TENURE OF OFFICE; AND TO ENABLE THE CMC FUND TO BE EXPENDED FOR THE PURPOSE OF IMPLEMENTING ANY PROJECTS IDENTIFIED BY THE MINISTER TO INCREASE ACCESS.Slide 32: 32 To provide legal certainty for e-transactions undertaken by businesses or Government, two new legislations will be introduced:- Electronic Transactions Bill – to address electronic transactions and communications. E-Government Activities Bill – to support and promote electronic government. ENACTMENT OF NEW LAWS Electronic Transactions Bill : 33 Electronic Transactions Bill Aim: To give legal recognition to electronic communications and facilitate electronic commerce. Primary Focus: All forms of online commercial activity which are undertaken by companies, individuals or the Government. Principles: Achieving functional equivalence – as far possible, paper based commerce and electronic commerce should be treated equally by the law; and The related principle of ensuring technology neutrality Electronic Transactions Bill : 34 Electronic Transactions Bill Main Operative Provisions: Legal recognition of electronic communications Legal recognition of electronic signatures Legal recognition of electronic documents as originals Attribution of electronic communications Record retention and management requirement Formation, validity, time and place of contracting Automated transactions and electronic agents Correction of errors Relationship of Members of a Digital Market; and Applicable Law for Tortuous Liability.Electronic Government Activities Bill (EGA): 35 Electronic Government Activities Bill (EGA) EGA was proposed to enable functions or transactions between the various government agencies and the citizenry to be undertaken electronically, whilst ensuring a uniform legal standard for activities to be undertaken electronically. The EGA allows the Government to set down rules on the manner of electronic dealings from and to the public.Electronic Government Activities Bill (EGA): 36 Electronic Government Activities Bill (EGA) Characteristics: - An enabling Act - Supplement existing statutory provisions - Consistent approach to public e-dealings. - Unique policy requirements of agencies can be addressed. - Technology Neutral - Relevance of Act. - Flexibility - Applies only when agency “e-enables” the statute. - Choice as to the mode of transaction by govt agencies and the public.Electronic Government Activities Bill: 37 Electronic Government Activities Bill Some salient provisions of the Bill: Legal recognition of electronic information. Minister’s powers to issue IT Instructions / guidelines relating to minimum criteria for IT standards and electronic signatures, systems for recording time, acknowledging receipt of electronic documents or information, suitable security measures etc. Designation by Minister / Agency. Special Agency Requirements. Sets out uniform rules which are applied to any designated Act, unless specifically excluded or modified.Electronic Government Activities Bill: 38 Electronic Government Activities Bill Advantages and possibilities: On-line technology has the potential to break down traditional barriers such as distance faced by the population; Businesses and citizens will have improved access to the Government; and Integrated Government services and action.Electronic Government Activities Bill (EGA): 39 Electronic Government Activities Bill (EGA) EGA was proposed to enable functions or transactions between the various government agencies and the citizenry to be undertaken electronically, whilst ensuring a uniform legal standard for activities to be undertaken electronically. The EGA allows the Government to set down rules on the manner of electronic dealings from and to the public. ENSURING ON-LINE TRUST AND CONFIDENCE: 40 ENSURING ON-LINE TRUST AND CONFIDENCE Two aspects related to on-line trust and confidence: - Privacy and personal data protection (PDP); and Security of electronic transactions. PRIVACY AND INFORMATION SECURITYSlide 41: 41 PDP - Protect personal data Promote secured electronic environment Encourage electronic transactions Enhance consumer trust and confidence PERSONAL DATA PROTECTION BILLThe challenge: 42 The challengeSlide 43: 43 Malaysia favors the adoption of a modified version of the US Safe Harbor. THE GLOBAL PDP SCENARIO Countries deemed adequate by the EU are: Countries in the EU itself except France and Ireland, Hungary, Switzerland, US Safe Harbor and Canada.Slide 44: 44 Notice Principle - Notice about the purposes and uses of personal data; how to contact and disclosure to third parties . Choice principle - the choice to opt out in relation to disclosure and use of personal data Choice principle (sensitive data) - the choice to opt in in relation to disclosure and use of sensitive personal data Disclosure principle - Notice principle and choice principle shall be applied for disclosure. MALAYSIAN PDP PRINCIPLES (MODIFICATION OF SAFE HABOR ARRANGEMENT)Slide 45: 45 Data integrity principle - Personal data shall be relevant, reasonable and compatible. Access principle - Access allowed unless it falls within the prescribed exceptions. Enforcement principle - Ensure clear, understandable and transparent mechanisms for compliance with the PDP principles. Security principle - Reasonable precautions to ensure security.Slide 46: 46 Reasons: Australia, Hong Kong, Taiwan, New Zealand not considered because not adequate Hungary and Switzerland not considered because not common law system UK and Canada not considered because complicated and onerousPrivacy is about good information practices: 47 Privacy requires effective Security.... ....but effective Security does not guarantee effective Privacy Privacy is about good information practicesPrivacy is a Shared Responsibility: 48 Roles to play for individuals, industry, and government. Individuals should be able to make informed choices and be protected from harm & fraud Industry should ensure fair information practices. In some areas, Governments must choose whether to limit individual control over data to achieve larger societal benefits (e.g. security, health etc.). A balanced approach enables individuals to benefit from responsible commercial uses of personal information Privacy is a Shared ResponsibilitySlide 49: 49 The regime is adequate Protection from review and changes to the EU Directive Not too complicated or burdensome EU non discriminatory stand on adequacy US Safe Harbor is considered for the following reasons:Requirement of Integrated Protection Of Cyberspace : 50 Requirement of Integrated Protection Of Cyberspace Logical Security Cryptography Authentication Digital Signature Physical Security Automated Building Perimeters Organizational Security Policy Structure Personnel Operational Security (OPSEC) Work process Special handling Communication Security (COMSEC) Secure network infra Secure comms channel Equipment Security Tempest Proof Robust Tamper Resistant Computer Security Server Client Archive Application Security Secure Messaging Secure voice Wireless Security Radio HF/VHF/UHF Secure GSM, PCN, TETRA Freq hopping, spread spectrum Feedbacks Integrated Action Plan CONCLUSION: 51 CONCLUSIONSlide 52: 52 Cyber laws provide Malaysia with a strong foundation for growth in networked communications, e-businesses and EG; Malaysia is quite advanced in terms of its legislative and regulatory framework to prepare ourselves towards the new economy; However, national legislation on its own will not achieve the desired objectives – development in technical infrastructure, infostructure participation and resolution of issues through global fora . CONCLUSIONSlide 53: 53 Thank You