Privacy Concerns In Stealing User Data

Malaysia had been ranked as the fifth-worst country in terms of protecting the personal data of its citizen. In a study of privacy and surveillance of 47 countries by British tech website Comparitech, Malaysia was placed in the 'some safeguards but weakened protection' category with a score of 2.64 out of five points.

The study gave a score based on criteria which include constitutional protection, statutory protection, privacy enforcement, data sharing, visual surveillance, identity cards and biometrics and government access to data. Malaysia currently noted that only the Personal Data Protection Act 2010 (PDPA) protects the personal data of a person in the country. As the studied said that the collection and retention of biometric data are found in a person's identification card, MyKad. It said for adults, the MyKad stored bank details and health information while for children, religion, birth and education data is stored in it. It is also said that facial recognition technology is on the rise in Malaysia, as seen in the collaboration between Grab Malaysia and the Transport Ministry. It pointed out that few laws were surrounding the use of facial recognition technology. The study also said sharing in Malaysia required written consent but the government's platform (MyGDX) facilities intergovernmental agency data sharing. It added that CCTV monitoring was also prevalent, adding that there were few safeguards in place. The study also noted that Malaysia had been involved in 'several large data breaches involving financial and medical details. Malaysia has been involved in several data breaches, among which includes the massive data leak of personal details of telecommunications service providers customers, the leak data of almost 20,000 patient records, and the personal data of Malindo Air customers.

In 2019, Malindo Airways Sdn Bhd rumoured in a forum has stealing user data which include a piece of sensitive information like address, passport number and phone number. However, Malindo Air had confirmed that they have used the expertise of CyberSecurity Malaysia (CSM) in helping the company to overcome the problem of data leakage involving the personal information of its passengers. 'The airline has hired the services of the agency to look at the cause and to ensure the incident will not repeat again. Malindo uses CSM services to help, but let them do their investigation, we cannot make any decision without analytical investigation without proving it forensically' said CyberSecurity Chairman, Jen (B) Tan Sri Mohd Azumi Mohamed. The investigation found that two former employees of e-commerce services provider company, GoQuo (M) Sdn Bhd at their development in Indian committed misconducted and stole the personal data of their customers. The matter was reported to the police in both countries, namely Malaysia and India.

Save your time!
We can take care of your essay

• Proper editing and formatting
• Free revision, title page, and bibliography
• Flexible prices and money-back guarantee

Place Order

This has triggered the user's worries and anxiety. Muslim Pro is a popular Islamic lifestyle mobile application which nearly 150 million downloads around the world across 216 countries and lately has become a big issue in Malaysia or either outside of this country which believes that this application was indirectly selling user data to US military intelligence and counterterrorism unit. This issue has been discussed in many social media and websites such as Twitter, Facebook, Instagram and etc which concern a lot of peoples who is been providing access to their location and data. However, Muslim Pro denied that it has sold personal user data to the US military but confirmed to have conveniently handed off sensitive location to a third-party data broker, X-mode. Such the third-party data brokers typically auction off data to contractors, who in turn sell it to buyers and apparently, the buyers could also be the US military. The company said it is investigating its data governance practices to ensure user data was managed in line with global laws and regulations around data privacy protection. The company also said it is immediately ending its relationships with X-mode and all other data partners. 'The trust of millions of brothers and sisters of the Ummah put in Muslim Pro every day means everything to us,' Muslim Pro wrote in a statement after thousands of social media comments from Muslims worldwide decried the app's sale of its user data as 'betraying' Muslims and allowing the military to 'target' Muslims for surveillance. The app's compromise on data is not just a concern for Muslim but it is a red flag for all technology user out there. However, just a day after the fiasco unfolded on social media, with many angry users expressing their unease, Muslim Pro's team sent out a press release on Twitter clarifying that 'media reports circulating' were 'incorrect and untrue'. In the same statement published, they also claimed that they have terminated a relationship with all data partners especially with X-mode. In their defence, Muslim Pro also clarified that every single feature of the app is available without signing or logging in which contributed to the anonymity and the greatest selling point of course it is free. And rightly so, here the unilateral and non-consensual extraction of data has far more grave repercussions which the US military can use location-sensitive data to accurately target drone strikes. Besides, Muslim Pro has apologised to all the users. 'We can confirm that their data is secure with us. We value the importance of the practising one's faith, as well as our user privacy and will do everything we can to ensure we deliver on this promise.' Said Muslim Pro's team.

Another example, these issues often happen when you are searching for an item at online shopping such as Shopee, Lazada and etc. When you are open up other application such as Instagram or Facebook, it will suddenly pop-up an advertisement about the related item that you are searching at the online shopping application on your timeline. Thus, to avoid this you can try to clear cache or history reset on what you have search. However, by looking at these issues makes people more concerned about to protect their online privacy. But there are also who is look down this thing by which for example, many users do not read or understand the privacy implications of the licensing agreements they agree before using software, application and online services. Users who is freely share information online are often unaware of its use in data mining and online profiling. Thus, there are some ways that the user can try to do to protect all important data from being stolen which first is to secure the wireless transmissions. Data that you sent over a wireless network is even more subject to interception than that sent over an Ethernet network. Hacker doesn't need physical access to the network or its devices, anyone with a wireless-enabled portable computer and a high gain antenna can capture data or get into the network and access data stored there if the wireless access point isn't configured securely. Thus, the user needs to sent or stored data only on wireless networks that use encryption, preferably Wi-fi Protected Access (WPA), which is stronger than Wired Equivalent Protocol (WEP). Next is by using the disk encryption as there are many third-party products available that will allow you to encrypt an entire disk. Whole disk encryption locks down the entire contents of a disk drive/partition and is transparent to the user. Data is automatically encrypted when it's written to the hard disk and automatically decrypted before being loaded into memory. Some of these programs can create invisible containers inside a partition act like a hidden disk within a disk. Other users see only the data in the 'outer' disk. Disk Encryption product can be used to encrypt removable USB drives, flash drives and etc. Some allow the creation of a master password along with secondary passwords with lower rights you can give to other users. Example include PGP Whole Disk Encryption and DriveCrypt, among many others and there are so many other solutions can be done such as set an authentication, tokenization, data masking, erasure and etc. For Application on a smartphone, just if you heard an issue about the apps like Muslim Pro, take a fast action to uninstall the apps and do not link it to other apps. Or can directly report the suspicious apps to the Malaysian Medical Council (MCMC) operations.

In a conclusion, by choosing this topic can remind me and other people to always be careful and beware on sharing a piece of personal information either in the software, application and online services and keep update with the current issue that involving the user data by taking a fast action which for example uninstall the application or software immediately. The dangerous of data that has been stolen will either lead to cruelty or directly go to online black market which offer a range of complementary products, from the supply of hardware and software to steal data, the sale of the stolen data itself, to the provision of services to turn data into money, such as drops, cashiers and money laundering. This is why it is important to get to know on how to protect your data from being stolen. As there is a case that we cannot avoid such as the application itself sell our data to other, this is not our fault but still we can try to avoid or prevent the things from happen by not looking down on these issues. Last but not least, be careful on giving access to our location or photo to any platform and do not forget to monitor our family member especially kids this day which highly exposed to gadget and technology. Always remind them about how much important is our data and the dangerous of data stolen.