top of page
Publications & News
MOSTI’s Large Language Models (LLMs) – Some Legal Concerns
Personal Data Security LLMs are trained on extremely large datasets of text, enabling them to learn intricate language patterns and nuances. LLMs are designed to continuously learn and evolve by storing data that has been fed into the system. This raises concerns regarding personal data protection, which falls under the Personal Data Protection Act 2010 (PDPA). In order to develop a more efficient and accurate LLM system, companies may unlawfully collect and process personal
Data Sharing Act 2025 – Overview and Key Provisions.
On 28 April 2025, the Data Sharing Act 2025 (Act) officially came into force, marking a significant milestone in Malaysia’s evolving data governance framework. The Act, which received Royal Assent on 5 February 2025 and was gazetted on 20 February 2025, establishes a structured regulatory framework for data sharing among public sector agencies. This landmark legislation aims to enhance transparency, improve data security and drive operational efficiency in public sector data
How US Policies And Emerging AI Disruptions Impact Malaysia’s Data Centre Ambitions
Malaysia has emerged as a competitive player in the global data centre industry, attracting significant investments from global tech giants like Amazon Web Services (AWS), Google, and Microsoft. Between 2021 and mid-2024, the Malaysian Investment Development Authority (MIDA) reported RM90.2 billion in foreign direct investment (FDI) from major technology firms such as Nvidia, ByteDance, and Singapore Telecommunications. The country’s ambitions are supported by robust governm
Amendments to Data Protection Laws: What Does it Mean for Malaysian Businesses?
On 31 July 2024, the Personal Data Protection (Amendment) Bill 2024 (“Bill”) [1] , aimed at enhancing data privacy protocols in commercial transactions and bolster protections against personal data breaches and instances of misuse within Malaysia, was passed in the Dewan Negara on its second reading. The Bill was tabled in the Dewan Rakyat for its first reading on 10 July 2024 and is set to be presented to the Yang di-Pertuan Agong for his Royal Assent, before it becomes an A
![IRB's Powers To Request Personal Data Disclosure: Genting Malaysia Bhd v Pesuruhjaya Perlindugan Data Peribadi & Ors [2022] 4 CLJ 399](https://static.wixstatic.com/media/eec7fb_5d9550bdfb544cdeadc567e8684bff8d~mv2.png/v1/fill/w_1775,h_1000,fp_0.50_0.50,q_35,blur_30,enc_avif,quality_auto/eec7fb_5d9550bdfb544cdeadc567e8684bff8d~mv2.png)
![IRB's Powers To Request Personal Data Disclosure: Genting Malaysia Bhd v Pesuruhjaya Perlindugan Data Peribadi & Ors [2022] 4 CLJ 399](https://static.wixstatic.com/media/eec7fb_5d9550bdfb544cdeadc567e8684bff8d~mv2.png/v1/fill/w_1136,h_640,fp_0.50_0.50,q_95,enc_avif,quality_auto/eec7fb_5d9550bdfb544cdeadc567e8684bff8d~mv2.png)
IRB's Powers To Request Personal Data Disclosure: Genting Malaysia Bhd v Pesuruhjaya Perlindugan Data Peribadi & Ors [2022] 4 CLJ 399
Genting Malaysia Bhd (Genting) as part of its business, carried out a loyalty programme entitled “Genting Rewards Loyalty Programme” (Loyalty Programme). Customers who joined the Loyalty Programme were required to provide certain personal data to Genting. The Inland Revenue Board (Revenue) requested for information relating to the name, Malaysian IC number, passport number, company registration number and address of the Loyalty Programme members in the years 2016 and 2017. In
bottom of page