Question

Question 3

Cybercrimes are increasing in Malaysia. Combating the threat is very challenging since Malaysia is still lacking in many of the tools required including manpower and technology.

a) Based on your thoughts and opinions, what do we need in order to prevent cybercrimes in Malaysia? Justify your answers. [10 marks]

b) Discuss the FIVE (5) Cyberlaw Acts in Malaysia. [15 marks]

Answer 1

a) Based on my thoughts and opinons the following measures can be taken to combat cyber crime in Malasiya:

• Up-to-date Security and Management Software. Keep the systems up to date, and get security software that allows one to manage, monitor, and protect every device and file in every organization (without impeding any workers).
• Cybersecurity Training Program. The biggest threat to enterprise data is and always will be the employees. You can’t completely eliminate that risk, but you can mitigate it through cybersecurity training processes and protocols.
• Educate and inspire the importance of having a strong and secure password and ecouraging people for not sharing it with their near and dear ones.
• Using VPNs where more security and privacy is required and avoiding freeware programs as much as possible.
• Ethical Hackers. These white hats will approach every piece of your infrastructure as though they were a criminal trying to break in, and once they find a weakness, you’ll be the first to know.

b) The following are the Cyberlaw Acts in Malaysia

• Computer Crimes Act 1997 (“CCA”)

  Malaysia’s Computer Crimes Act 1997 (“CCA”) has been enacted in 1997 to cater offences relating to the misuse of computers (which includes hacking). It was enacted two years after what has been considered as the beginning of the Internet age in Malaysia.

• Communications and Multimedia Act 1998 (“CMA”)

  The CMA provides for and regulates the converging areas of communications and multimedia in Malaysia. In particular, the CMA regulates various activities carried out by licensees (i.e. network facilities providers, network service providers, applications service providers and content applications service providers) as well as those utilising the services provided by the licensees.

• Penal Code

  The CCA has specifically mentioned about the Penal Code in section 4 of the CCA. Section 4 states that it is an offence under the CCA if a person does a ‘computer crime’ with the intention to commit fraud or dishonesty or to cause injury as defined in the Penal Code.

  Malaysian cyber laws do not have a specific provision on the electronic or computer-related identity theft or identity fraud. However, it has been proposed for section 416 of the Penal Code to also be applied to identity theft. Under section 416 of the Penal Code, it is an offence to “cheat by personation”, i.e. where a person cheats by pretending to be some other person, or by knowingly substituting one person for another, or representing that he or any other person is a person other than he or such person really is.

• Personal Data Protection Act 2010 (“PDPA”)

  PDPA in Malaysia only protects personal data received and processed in commercial transactions. Ironically, PDPA does not apply to the GOM and state governments, which now gives us no apparent right to take action against the GOM or state governments in the event our personal data stored, controlled, and processed by the GOM and state governments have been manipulated or leaked. Despite we still have the option under common law principle to take action against the GOM and state governments if our personal data have been wrongly used, this still does not guarantee that we will have a bright chance to proceed with this action. From what we might know, the court will strike out our application for any reason the court may think reasonable, eventually.

• Copyright Act 1987

  Under the Malaysia’s Copyright Act 1987, copyright owners have the right to bring an action against any person for copyright infringement, either as a civil or criminal offence.

  Section 41 of the Copyright Act 1987 sets out a range of offences for copyright infringement, which include making for sale or hire, distributing, and exhibiting in public any infringing copy during the subsistence of copyright in a work or performer’s right.