Cyber Law

Musbri Mohamed
DIL; ADIL ( ITM )
Pursuing MBL ( UKM )

1
Cyber Law in Malaysia
Rules & Regulations
in relation with the protection
of information infrastructure

Specific legal Instruments on

Information Infrastructure
Provisions of conventional laws
that apply to Information
Existing Instruments infrastructure

Copyright Act
Communications and Multimedia Act

Proposed Laws
Penal Code
Computer Crimes Act
Personal Data Protection Bill (draft)
Internal Security Act
Digital Signature Act E-Govt Activities (draft bill)

Official Secrets Act

BNM Minimum Guidelines on
Internet Banking in Malaysia

Evidence Act
Content Code

Electronic Commerce Act 2006

2
Cyber law describes the legal issues
related to use of inter-networked
information technology.

Some leading topics include:-

Intellectual property,
Privacy,
Freedom of expression , and
Jurisdiction.

3
SEDARKAH kita kehidupan tanpa maklumat,
tanpa berita dan tanpa ilmu pengetahuan boleh
menjadikan individu umpama hidup pada
zaman batu?

Frasa ini turut merujuk betapa berharganya

maklumat yang memainkan peranan penting
dalam kehidupan manusia apatah lagi ketika kita
menuju ke era globalisasi.

4
Issues of jurisdiction and sovereignty have quickly come to
the fore in the era of the Internet. The Internet does not
tend to make geographical and jurisdictional boundaries
clear, but Internet users remain in physical jurisdictions
and are subject to laws independent of their presence on
the Internet.

5
A new cyber law to protect consumer privacy is likely to come into
force next year. The proposed Personal Data Protection Act breaks
new ground not only in cyber-privacy but also in law-making.

The law is based on the basic principles of transparency

and clarity; more competition and less regulation.

The draft, which runs to more than 80 pages comes in 14 parts and
five schedules

6
As such, a single transaction may involve the laws of at least three
jurisdictions:

• the laws of the state/nation in which the user resides,

• the laws of the state/nation that apply where the server hosting the
transaction is located, and
• the laws of the state/nation which apply to the person or business
with whom the transaction takes place.

So a user in one of the United States conducting a

transaction with another user in Britain through a
server in Canada could theoretically be subject to
the laws of all three countries as they relate to the
transaction at hand.

7
Its chief aim is to regulate the collection, possesion, processing and use of
personal data by any person organisation so as to safeguard individual privacy.
It also aims to establish a set of common rules and guidelines on handling and
treatment of personal data by any person or organisation.

The legislation is envisaged to be a world-class leading edge cyber law that

provides for higher level of personal data protection. It also seeks:
Provide adequate security and privacy in handling personal information;
Create confidence among consumes and users of both networked and non-
networked industries
Accelerate uptake of e-commerce; and
Promote a secure electronic environment in line with Multimedia Super
Corridor (MSC) objectives.

The rationale is to promote Malaysia as a communications and

multimedia hub where the national adoption of e-based transactions
is expected to be high.

8
Net neutrality

Another major area of interest is net neutrality, which affects

the regulation of the infrastructure of the Internet. Though
not obvious to most Internet users, every packet of data sent
and received by every user on the Internet passes through
routers and transmission infrastructure owned by a collection
of private and public entities, including telecommunications
companies, universities, and governments, suggesting that
the Internet is not as independent as Barlow and others
would like to believe. This is turning into one of the most
critical aspects of cyber law and has immediate jurisdictional
implications, as laws in force in one jurisdiction have the
potential to have dramatic effects in other jurisdictions when
host servers or telecommunications companies are affected.

9
Free speech in cyberspace

In comparison to traditional print-based media, the

accessibility and relative anonymity of cyber space has
torn down traditional barriers between an individual and
his or her ability to publish. Any person with an internet
connection has the potential to reach an audience of
millions with little-to-no distribution costs. Yet this new
form of highly-accessible authorship in cyber space raises
questions and perhaps magnifies legal complexities
relating to the freedom and regulation of speech in
cyberspace.

10
Internet regulation in other countries

While there is some United States law that does

restrict access to materials on the internet, it does
not truly filter the internet. Many Asian and
Middle Eastern nations use any number of
combinations of code-based regulation (one of
Lessig's four methods of net regulation) to block
material that their governments have deemed
inappropriate for their citizens to view. China and
Saudi Arabia are two excellent examples of nations
that have achieved high degrees of success in
regulating their citizens access to the internet.

11
Internet Overuse and Online Addiction

BEIJING — Chinese doctors released the country’s

first diagnostic definition of Internet addiction over
the weekend, amid efforts to address an increasing
number of psychological problems that reportedly
result from Internet overuse.
Symptoms of addiction included yearning to get
back online, mental or physical distress, irritation
and difficulty concentrating or sleeping.
Internet-addicted youths are more likely suffer
frustration in interpersonal relations than their
peers.

12
Cyber Crime New Zealand and Teenager

Police in New Zealand are investigating eighteen-year-old who is

alleged to be the leader of a ring which has skimmed £10 million
from bank accounts around the world
Investigators in New Zealand, the US and the Netherlands believe
the youth, who cannot be named but goes by the online name
‘Akill’ - wrote software used to attack more than a million
computers.
The software was allegedly used to bring down the computer
server at the University of Pennsylvania last year.
Police described the teenager as the ringleader of a ‘botnet’ - a
network of computers infiltrated by a programme that
surreptitiously installs itself to allow a hacker to control it.

13
Blogging in Malaysia

A leading Malaysian newspaper has sued two bloggers for

defamation, a company executive and one of the defendants
said on Thursday, in a case the opposition says could stifle
freedom of expression.
The New Straits Times, the country’s oldest newspaper
group, had filed suits against Ahirudin Attan and Jeff Ooi
over numerous postings in their respective blogs attacking
top company officials, Ahirudin and a NST executive said.
This is the first instance of bloggers being sued for libel in
Malaysia, where Internet chatrooms are mushrooming amid
tight government controls on mainstream media.

14
Panduan keselamatan kepada individu bagi mengelakkan
sebarang penipuan internet
Individu

Berhati-hati ketika memberi maklumat peribadi di dalam laman web,

e-mel, sistem pesanan segera, bilik bual atau pada papan mesej,
terutamanya apabila tidak pasti. Individu berhak bertanya mengapa
dan bagaimana maklumat itu digunakan.
Individu perlu melindungi maklumat peribadi. Ia amat berharga.
Kenali dengan siapa individu berurusan setiap masa.
Menggunakan perisian anti virus, anti spyware dan firewall serta
pastikan ia sentiasa dikemas kini.
Memastikan sistem operasi dan penyemak imbas laman web
ditetapkan dengan betul dan sentiasa dikemas kini.
Melindungi kata laluan komputer, e-mel dan laman penting yang
selalu dilawati.
Membuat sandaran bagi fail yang penting.
Kenali siapa perlu dihubungi jika sesuatu berlaku dalam talian.

15
Panduan keselamatan kepada organisasi bagi mengelakkan

sebarang penipuan internet.

Organisasi

Membuat jadual bagi data sandaran pada kekerapan yang boleh

diharapkan.
Mengekalkan data sandaran dalam tempoh tertentu untuk
membenarkan pemulihan semula atau isu pembaikan yang tidak
didedahkan serta-merta.
Menggunakan sandaran secara automatik.
Melakukan siri ujian kepada proses penyalinan.
Sediakan komputer tambahan untuk sentiasa menyalin data.
Memastikan data sandaran mempunyai log tarikh dan masa
supaya dapat disahkan.
Buat sandaran untuk pelbagai jenis medium (salinan cakera
mudah alih, CD, VCD, USB).
Meletakkan data sandaran di tempat yang selamat

16
17
18
About HeiTech Padu Berhad:

A public listed company on the main board of the Bursa Malaysia

Securities Berhad, HeiTech Padu Berhad (HeiTech) is one of
Malaysia's key Information Security services providers whose
solutions spread across the ICT Security spectrum and include the
following offerings:
Business Continuity and Availability
Security Consulting, Assessment and Audit Services
Customized Security Training, Seminar and vendor neutral
certification

19
About CyberSecurity Malaysia:

We are a one-stop reference and specialist centre for cyber

security. A Company Limited by Guarantee (CLG), we are
under the purview of the Ministry of Science, Technology and
Innovation (MOSTI). Our services include:
Digital Forensics
Malaysia's Computer Emergency Response Team (MyCERT) /
Cyber999
Security management and best practices
Security assurance
Cyber security training and professional
certification
Outreach, awareness, and social
responsibility programmes
Cyber security policy and legal research

20
 KLCC
PETALING JAYA MSC boundary
KL Tower

CYBERJAYA
PUTRAJAYA

AIRPORT CITY

KLIA

21