E-Tunai Rakyat: Is our data really protected, Mr Minister?
Electronic wallets (e-wallets) are a relatively new concept in Malaysia but in an increasingly digital society, its daily prevalence is inevitable. The question is, are we ready to sell our private data to unknown entities?
As the popularity of e-wallets rises, so do the concerns and scepticism around it. The moment we decide to have a mobile and then download an app, we knowingly or unknowingly compromise on the safety of our personal data.
Granted, we are already putting out much information about ourselves through Facebook, Twitter and other social media platforms. It is certainly not a coincidence when a product we searched on the Google appear as an advertisement on the Facebook feed.
With mass data breach across the globe; people are naturally worried about privacy and security concerns. So, here us out on our scepticism on the digital wallet system.
According to Bank Negara Malaysia, there are currently 47 e-money issuers, of which 42 are non-bank issuers. In 2016, there were just 25 non-bank players.
One of the fundamental concern is the loss of customer data. From a bank’s perspective, when we use our bank account and then make a purchase, we have no idea where our money is going. We cannot track or analyse our spending patterns, which is a valuable data for banks.
However, through E-wallets, third parties can actually track the data, so that they can then push products to us.
According to Department of Statistics Malaysia, 18.5% of our local GDP is contributed by the digital economy, and the e-Tunai Rakyat programme is part of the government’s efforts to boost the digitisation of the local economy.
A total of RM59 million has been disbursed so far for the initiative, making up more than 10% of the RM450 million allocated for the programme.
The government claims that through this programme, it will encourage people to make digital payments, as well as to encourage more traders and merchants to register themselves on the platforms.
Malaysians who redeem the RM30 government grant from any of the three selected e-wallet operators, namely Grab, Boost, and Touch ‘n Go are required to use the amounts by March 14.
The government also urged traders to sign up and seize this opportunity to either sell or buy digitally. Reading between the lines, this is certainly one way for the traders to utilise our data for the benefit of their businesses.
When people raised concerns over data theft, Finance Minister Lim Guan Eng dismissed the matter outright.
His reasoning; the government already has the people’s data via the National Registration Department.
“I do not see how this would be the case. At the most, data from E-Tunai users will reveal their consumption patterns,” Lim was reported saying.
We have to admit that Lim was very flimsy on that one. For me, when I opened the Grab e-Tunai Rakyat Terms and Conditions section, hard-hitting reality on the breach of privacy stared on my face.
It contradicts our to the Personal Data Protection Act 2010, where it states that there is no sharing of personal information to any third party without the consent of the user.
However here is the catch. When signing up for the RM30 free cash, the agreement has a clause which requires us to sign. The clause basically would allow the government to hand over our personal details such as name, MyKad number, address, mobile phone number, bank account details, bank statements and other transaction information to Grab, affiliated companies, the Government of Malaysia and its nominees, foreign service providers, relevant government departments and agencies to collect and store the details.
While I am personally alright with the government having my details, why should a foreign entity be allowed access to my personal details? Why is the government bringing foreign organisations into this? I thought the programme was about helping Malaysians and bring some form of revenue to local economy.
In case many may have forgotten, the biggest whistleblower of all time, Edward Snowden spoke out about this years back. He revealed vivid details on how the US government and mighty tech organisations were developing systems to enhance their grip on personal details but were apprehensive in developing high-powered encryption software.
After these revelations, many customers became highly concerned about their privacy. And it is time for us Malaysians to start asking the right questions too.
The fact is, we cannot expect private companies to self-regulate itself when dealing with our personal details. While some companies have developed their protocols on the matter, we must note that it was made on their own accord.
What we need is for the government to step in and protect our data. It must be directed at tech industries in general and social media companies. There must be a regulation on how data is used and more specifically, ensure third party cannot access those information.
Americans themselves do not have enough protection on the matter. For example, during the 2016 election season, Facebook provided information concerning over 50 million users to Cambridge Analytica, which had been hired by Donald Trump’s campaign team.
The ability of Facebook to easily transfer information to an outside entity raises the issue on how vulnerable we are to be exploited by those with deep pockets.
So, the Malaysian government should address these concerns:
- the high -risk exposure of our data through unauthorized access
- global concerns about government access to data from private sector entities for law enforcement and national security purposes
- conflicting laws and requirements in Malaysia for companies that do business and have substantial user bases
Hema Subramaniam is the Editor in Chief of The Leaders Online
