Malaysia orders telecoms firms to hand over user data, raising privacy concerns
The government claims it’s for a mobile project, but critics cite data security risks

In April, the Malaysian Communications and Multimedia Commission (MCMC) sent a letter to telecoms companies instructing them to send detailed call and internet logs for the first three months of this year, apparently for the government’s Mobile Phone Data project, two industry sources confirmed.
Non-compliance would be considered an offence under the Communications and Multimedia Act, which carries a penalty of a 20,000 ringgit (US$4,700) fine or six months’ jail, the commission said in the letter seen by This Week in Asia.
“They are asking for call records, IP call records, location, latitude and longitude,” one source said. “We have asked MCMC about transparency and accountability for the use of the data. We don’t know if MCMC will make a public statement that such an exercise is under way.”
In a statement late on Friday, the MCMC said the data requested would be “used strictly” to generate granular statistics to track active broadband subscription and penetration down to district level and to quantify tourist arrivals.
The process would require telcos to anonymise the data before it was submitted to the commission, it added.