Fahmi pointed out that the amendments were raised by then communications and multimedia minister Gobind Singh Deo on Feb 12, 2020, but the fall of the Pakatan Harapan government not long after left a review of the PDPA and proposed amendments up in the air.

He urged communications and multimedia minister Annuar Musa and the Personal Data Protection Commissioner to immediately inform the public about the status of the review and the measures taken to ensure the security of the public’s personal data.

“This includes personal data stored or handled by government agencies,” he said in a statement.

Fahmi also called for Annuar to use the next parliamentary session in July as an opportunity to table amendments to the PDPA.

He claimed that in the last five years, about 100 million sets of personal data – which include full names, addresses, IC numbers, and other personal information – have been stolen.

“This is very worrying for the people and the country’s economy,” he said.

Fahmi also noted that only one high-profile personal data case had been brought to court.

Malindo Air was charged under the PDPA in February 2020 for a data breach in 2019 after details of around 30 million passengers from Malindo and fellow Lion Group subsidiary, Thai Lion Air, were posted in online forums.

Just last week, reports surfaced of a personal data leak of more than a million records belonging to the international trade and industry ministry’s (Miti) public-private partnership Covid-19 industrial vaccination programme (Pikas). The matter was reported to CyberSecurity Malaysia, which said that the issue has since been resolved.

Meanwhile, there were claims last month that a database containing personal information belonging to 22.5 million Malaysians was offered for sale through the dark web. Bukit Aman’s commercial crime investigation department (CCID) is investigating the matter.