On 24 December 2024, the Digital Minister (“Minister“) published the official dates for the coming into operation of the Personal Data Protection (Amendment) Act 2024 (“Amendment Act“), which was passed by the Malaysian Parliament earlier this year.
The Minister has designated three separate dates for the commencement of various provisions of the Amendment Act. The implementation dates of key amendments introduced by the Amendment Act are outlined in the table below.
Date | Key Amendments / Provisions |
1 January 2025 |
|
1 April 2025 |
|
1 June 2025 |
|
We anticipate that further implementation details regarding the changes introduced by the Amendment Act will be gradually announced or published by the Minister or the Personal Data Protection Commissioner (“Commissioner“) during the first quarter of 2025. This includes the finalisation and publication of supplementary guidelines currently being developed by the Commissioner, such as the forthcoming Implementation of Data Breach Notification Guideline.
Now that the official implementation dates of the Amendment Act have been announced, businesses must ensure that their data protection policies and practices are reviewed and updated in time for the scheduled implementation of the various provisions outlined above.
For more information about the key changes introduced by the Amendment Act as well as ancillary upcoming developments related to the PDPA, please refer to our Legal Update here.
We will continue to provide updates on any further developments related to the PDPA as well as the Amendment Act.
The original legislative notification, which was gazetted by the Minister to announce the commencement dates of the Amendment Act, can be accessed here.
This Alert is issued by the Contact Partners from the Technology, Media & Telecommunications and Data Protection Practice Group whose contact details are set out on the right column of this page.
Disclaimer
Rajah & Tann Asia is a network of member firms with local legal practices in Cambodia, Indonesia, Lao PDR, Malaysia, Myanmar, the Philippines, Singapore, Thailand and Vietnam. Our Asian network also includes our regional office in China as well as regional desks focused on Brunei, Japan and South Asia. Member firms are independently constituted and regulated in accordance with relevant local requirements.
The contents of this publication are owned by Rajah & Tann Asia together with each of its member firms and are subject to all relevant protection (including but not limited to copyright protection) under the laws of each of the countries where the member firm operates and, through international treaties, other countries. No part of this publication may be reproduced, licensed, sold, published, transmitted, modified, adapted, publicly displayed, broadcast (including storage in any medium by electronic means whether or not transiently for any purpose save as permitted herein) without the prior written permission of Rajah & Tann Asia or its respective member firms.
Please note also that whilst the information in this publication is correct to the best of our knowledge and belief at the time of writing, it is only intended to provide a general guide to the subject matter and should not be treated as legal advice or a substitute for specific professional advice for any particular course of action as such information may not suit your specific business and operational requirements. You should seek legal advice for your specific situation. In addition, the information in this publication does not create any relationship, whether legally binding or otherwise. Rajah & Tann Asia and its member firms do not accept, and fully disclaim, responsibility for any loss or damage which may result from accessing or relying on the information in this publication.
