The Central Database Hub, also known as the PADU, should be suspended until amendments are made to the Personal Data Protection Act 2010 (PDPA), according to a rights group.
FMT reports that the Lawyers for Liberty expressed concerns about potential abuse and data security, stressing that the current PDPA exempts the government from liability.
This exemption, they argue, allows the government to utilise data collected by PADU for purposes beyond its intended use of facilitating targeted subsidies.
The rights group’s director Zaid Malek pointed out instances of past government misuse of data, such as disseminating propaganda via SMS, and the government had “a bad track record of data protection”, citing the numerous reports of data being stolen from multiple government agencies and exposing users to scams and data fraud.
Due to the government’s immunity from liability under the PDPA, there is no legal recourse for individuals affected by data breaches. Zaid insisted on immediate PDPA amendments to hold the government and relevant agencies accountable for data protection.
He stressed the necessity of a system for public inquiries in the event of data breaches to inform affected individuals and enable necessary actions against those responsible.