AMENDMENTS to the Personal Data Protection (PDP) Act, which aim to improve provisions on the processing of personal data and curb any misuse, have been tabled for first reading in the Dewan Rakyat.

The Bill was tabled by Digital Minister Gobind Singh Deo yesterday.

It is expected to be tabled for second reading in the current Dewan Rakyat meeting.

Under the proposed amendments, each organisation that deals with data will have to appoint a data protection officer and notify the PDP commissioner.

Data protection officers will be responsible for reporting any incident of data breaches as soon as possible.

A data officer who fails to report such incidents could face a fine of up to RM250,000 or prison term of not more than two years, or both, if convicted.

The amendments will also see the creation of a new section 43A on rights to portability, which allows individuals to request the data controller to transfer personal data to the data officer of their choice.

Stiffer penalties have also been proposed for data controllers through an amendment under Section 5.

It has been proposed that the quantum of the fine be raised from RM300,000 to RM1mil while the jail term has been increased from two to three years.

In a press conference after the tabling of the amendments, Gobind said the government viewed the issue of data breaches and leaks seriously.

In 2023, the PDP commissioner received 779 complaints on data breaches and abuses.

As of June this year, 288 complaints were received.

“The amendments are intended to ensure that no data will be used without the consent of the data owner and prevent the misuse of data while using existing and future digital platforms,” he said.