Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 1 Volume 2(S) No. 1 (2015) ALIGNMENT OF MALAYSIA AND ASEAN AGREEMENTS ON ICT LAWS: A REVIEW Nazura Abdul Manap (Ph.D) Associate Professor Faculty of Law The National University of Malaysia (UKM) 43600 Bangi, Selangor, Malaysia. nazura@ukm.edu.my ABSTRACT The mega Multimedia Super Corridor (MSC) project launched in 1996 is a strong endorsement of the Malaysian government’s commitment toward developing ICT industry in Malaysia. To attract world-class technology companies and prepare the local ICT industry, the government has offered MSC Malaysia status to companies developing or using multimedia technologies in producing and enhancing their products and services and locating in any of the 26 cyber-cities and cyber-centres in Malaysia. MSC status confers incentives, rights, and privileges under the MSC Malaysia Bill of Guarantees. This ICT initiative also underlies Malaysia’s commitment to lead the region in protecting intellectual property and adherence to cyber laws. As a member of e-ASEAN, this assurance aligns with the e-ASEAN initiative: ‘… to adopt electronic commerce regulatory and legislative frameworks that create trust and confidence for consumers and facilitate the transformation of businesses towards the development of e-ASEAN’. This paper identifies and analyses the extent of the Malaysian government’s compliance with e-ASEAN principles particularly in the legal and regulatory aspects. Keywords: electronic commerce, ASEAN. I. INTRODUCTION The information communication revolution has had a significant impact on the world today. Computers and the Internet have become powerful tools permeating almost every area of modern living including making decisions on our behalf. The tremendous spread of these facilities has influenced not only social well-being but also has major ramifications on the overall development of nations. As in other countries, the use of ICT in Malaysia has contributed much to its development. However, similar to any other technology, the many positive aspects of ICT also have their attendant downside risks. While acknowledging the strategic importance of mailto:nazura@ukm.edu.my Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 2 Volume 2(S) No. 1 (2015) ICT as a driver to support and contribute directly to the growth of Malaysian economy, the government is aware that appropriate legal mechanisms are needed to monitor and manage this technology. Thus, the Malaysian Multimedia Super Corridor project not only provides incentives for ICT development but also includes in its framework the necessary legislative and enforcement provisions. II. DEVELOPMENT OF ICT IN MALAYSIA Background In the early years following the independence in 1957, Malaysia focused its efforts on strengthening the agriculture-based economy through the development of its basic infrastructure particularly in rural areas. After the riots of 1969, the New Economy Policy was formulated with its twin-pronged objective of eradicating poverty and restructuring Malaysia society to eliminate the identification of race with economic functions 1 . During the 1980s, basic ICT infrastructure was developed in the form of basic telephony services to rural and urban area with the aim of increasing access to mobile and fixed-line services 2 . Next, in 1991, Vision 2020 was formulated aimed at bringing Malaysia at par with developed countries by the year of 2020. This vision was a turning point to transform Malaysia into a knowledge driven society in which ICT plays a major role. Subsequently, the 8 th Malaysia Plan (2001-2005) included the introduction of a K- Economy and the potential growth of digital infrastructure. The succeeding 9 th Malaysia Plan (2006-2010) incorporated the enhancement of ICT as one of its agenda involving the building of vital ICT infrastructures in the public and private domains. The increased use of ICT infrastructure led to the need for national information security initiatives as reflected in the 1 Mudiarasan Kuppusamy and Bala Shanmugam, (2007) ‗Information Communication Technology and Economic Growth in Malaysia‘ 11(2) Review of Islamic Economics 89-90. 2 Mudiarasan Kuppusamy, Murali Raman, Geoffrey Lee, (2009) ‗Whose ICT Investment Matters to Economic Growth: Private or Public? The Malaysian Perspective‘ 37(7) EJISDC 1-19, 5. Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 3 Volume 2(S) No. 1 (2015) establishment of an emergency response centre to oversee the regulatory, technical, and security aspects of the internet 3 . With this framework in place, Malaysia is well-prepared to introduce ICT into its everyday life through initiatives such as e-commerce, e-education, and e-health or telemedicine. These strategic plans have produced increasing accessibility to the internet and its related services including wired and wireless technologies for enhancing broadband services throughout the country. Competition in the telecommunication services is encouraged by allowing the entry of new players resulting in the proliferation of various products and services in the market and in more affordable internet services. ICT connectivity was enhanced in 2000 when 33 pilot community-based Internet Centres were established nationwide of which 12 of them were in rural areas. This was followed by additional thirty one Internet/ Information Centres developed throughout the country between 2001 until 2003 and 13 national pilot projects of the NITC Strategic Task Force conducted through a Public-Private Partnership model. ICT development in the country was boosted with the implementation of the US$20 billion mega Multimedia Super Corridor project in Malaysia. Multimedia Super Corridor Malaysia On 12 February 1996, the Multimedia Super Corridor was launched with the aim of accelerating the objectives of Vision 2020. This MSC Malaysia project is an important program aimed at achieving the creation of knowledge based society. Amongst the initiatives of this program is the formation of the MSC flagship which serves as a hub for players and users in the multimedia industry. This mega project is fully supported by the Malaysian government and is a gateway to the ICT industry in Malaysia with the objective of attracting world class technology companies 3 Muhammad Jehangir, P.D.D Dominic, Naseebullah, Alamgir Khan, (2011) ‗Towards Digital Economy: The Development of ICT and e-Commerce in Malaysia‘ 5(2) Modern Applied Science 171 . http://www.ccsenet.org/mas Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 4 Volume 2(S) No. 1 (2015) while preparing the local industry for the ICT age. The companies that develop or use multimedia technologies to produce and enhance their products and services may be granted MSC Malaysia status and be located in any of the 26 cyber-cities and cyber-centres in Malaysia. MSC status comes with some incentives, rights, and privileges accorded under the MSC Malaysia Bill of Guarantees. It also underscores the assurance by Malaysia to be a regional leader in promoting intellectual property protection and adherence to cyber laws. MSC Malaysia operates within an area of approximately 15 km (9.3 mi) by 50 km (31 mi) or about 750 km 2 (290 sq mi) starts from the Petronas Twin Towers in the city of Kuala Lumpur to the Kuala Lumpur International Airport in Sepang including the towns of Putrajaya and Cyberjaya. The town of Port Klang was added to MSC Malaysia on 7 December 2006. To oversee the coordinated and managed development of MSC Malaysia, the Multimedia Development Corporation (MDeC, formerly MDC) was established. III. ASEAN ICT INITIATIVE: e-ASEAN ASEAN was created in 1967 to promote regional cooperation among its member countries with the objective of (a) accelerating economic growth, social progress and cultural development and (b) promoting regional peace and stability in the region. It currently has ten member countries, namely Brunei Darussalam, Cambodia, Indonesia, the Lao People‘s Democratic Republic, Malaysia, Myanmar, the Philippines, Singapore, Thailand, and Viet Nam. Recognizing the potentials of ICT, ASEAN member countries endorsed the e-ASEAN initiative in 1999 based on the ASEAN Vision 2020 defined two years earlier. Amongst others the vision seeks to create a stable, prosperous, and highly competitive ASEAN economic region that facilitates the free flow of goods, services, investments, and capital, as well as the promotion of equitable economic development and reducing poverty and socioeconomic disparities by the year 2020. http://en.wikipedia.org/wiki/Petronas_Towers http://en.wikipedia.org/wiki/Kuala_Lumpur_International_Airport http://en.wikipedia.org/wiki/Putrajaya http://en.wikipedia.org/wiki/Cyberjaya http://en.wikipedia.org/wiki/Port_Klang http://en.wikipedia.org/wiki/Multimedia_Development_Corporation http://en.wikipedia.org/wiki/Multimedia_Development_Corporation Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 5 Volume 2(S) No. 1 (2015) The Elements of e-ASEAN ASEAN views ICT as one of the economic key factors having a significant impact on enhancing competitiveness in other sectors of industry. Accordingly, e-ASEAN was established in the Annual Summit Meeting of ASEAN leaders in Manila on 28 November 1999 and signed during the ASEAN Informal Summit in Singapore in November 2000 4 . The primary objective of e-ASEAN is to develop a ‗broad-based and comprehensive action plan including physical, legal, logistical, social, and economic infrastructure needed to promote an ―ASEAN e-space” as part of an ASEAN positioning and branding strategy‘ 5 . e-ASEAN Legal Framework The ASEAN Information Infrastructure (AII) under the aegis of the e-ASEAN Framework Agreement of November 2000 focuses on the hardware and software systems needed to access, process, and share information, as well as to promote the growth of electronic commerce in the region. Towards this end, ASEAN countries are required to adopt electronic commerce regulatory and legislative frameworks that will promote trust and confidence for technology users. Under the agreement, the member states are required to: a. Expeditiously put in place national laws and policies relating to electronic commerce transactions based on international norms; b. Facilitate the establishment of mutual recognition of digital signature frameworks; c. Facilitate secure regional electronic transactions, payments and settlements, through mechanisms such as electronic payment gateways; d. Adopt measures to protect intellectual property rights arising from e-commerce. Member states should consider adoption of the World Intellectual Property Organization (WIPO) 4 Samtani Anil, (2001) ‗Electronic Commerce in Asia: The Legal, Regulatory and Policy Issues‘ 9(2) Int. J Law Info Tech 93 5 Rodolfo Noel S. Quimbo, (2012) ‗The e-ASEAN Legal Framework and Its Challenges‘ Harmonized development of legal and regulatory systems for e-commerce in Asia and the Pacific: Current challenges and capacity-building needs, 81-83. Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 6 Volume 2(S) No. 1 (2015) treaties, namely: ‗WIPO Copyright Treaty 1996‘ and ‗WIPO Performances and Phonograms Treaty 1996‘; e. Take measures to promote personal data protection and consumer privacy; and f. Encourage the use of alternative dispute resolution (ADR) mechanisms for online transactions. The implementation of the e-ASEAN Framework Agreement is to be achieved via a series of measures outlined in the Roadmap for Integration of the e-ASEAN Sector (the e- ASEAN Roadmap). The two key targets in the roadmap are: a. Measure 78: Enact domestic legislation to provide legal recognition of electronic transactions (i.e., cyber laws) based on common reference frameworks. b. Review of e-commerce legislation harmonization in ASEAN resulting in 8 out of 10 countries having e-commerce legislation by the end of the project in 2009. However, at the end of the project, Cambodia and the Lao People‘s Democratic Republic had still not passed electronic transaction legislation. IV. THE MALAYSIAN PERSPECTIVE Law and Regulatory Framework Laws relating to ICT have been in place in Malaysia even prior to the formulation of the e-ASEAN initiative. The launching of MSC Malaysia in 1996 saw the introduction of four cyber laws namely the Computer Crime Act 1997, the Digital Signature Act 1997, the Telemedicine Act 1997, and the Copyright Act 1987 (Amendment Act in 1997). The purpose of these Acts is to foster the development of ICT systems and to address issues of threats and abuses arising from their employment. ICT related laws were strengthened by the inclusion of four other legislations namely the Communication and Multimedia Act 1998, Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 7 Volume 2(S) No. 1 (2015) the Electronic Commerce Act 2006, the Electronic Government Activities Act 2007, and the recent Personal Data Protection Act 2010. Along with specific legislation for ICT-related issues, existing laws can also be used to provide that the matters involved fall within the legal elements provided in the traditional statutes. For example the application of the Computer Crimes Act 1997 and the Electronic Commerce Act 2006 are supported by the respective parent Penal Code and the Contract Act 1950. Conformity of e-ASEAN Obligation by Malaysian Legal Framework: An Analysis The rapid developments in ICT have posed huge challenges to legislators in instituting effective legal mechanisms aimed at protecting users of the technology; despite that the Malaysian government has been proactive in ensuring that necessary legislations are in place for that purpose. It can be said that with its wide range of cyber laws, Malaysia as a member state of ASEAN and in particular a signatory of e-ASEAN, has fulfilled the obligations required under the e-ASEAN Framework Agreement. ICT opens up new and sophisticated opportunities for criminal acts and the potential to commit conventional crimes in non-traditional ways, cyber-crime being the foremost and most obvious among them. The enactment of the CCA 1997 is seen as a means to combat such cyber- crimes; where any unauthorised access/ modification to any programme or data in a computer is deemed an offence subject to penalties. The anonymity provided by cyber space makes it necessary for additional and more robust security protections to be put in place. In line with this, the Digital Signature Act 1997 was enacted to provide the security and confidence that would encourage the public to perform electronic transactions domestically and internationally. Under the Act, the digital signature provides a verification system to authenticate the identity of the author and verify the transmitted message. Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 8 Volume 2(S) No. 1 (2015) Being one of the seven flagships in the MSC Malaysia, telemedicine or tele-health activities require attention to ensure proper protection. For this purpose, the Telemedicine Act 1997 was enacted to provide the regulatory framework governing the practice of telemedicine and to recognise the use of multimedia in the medical field. The digital element of ICT allows easy unauthorised copying and pasting primarily on the internet. The Copyright Act 1987 was amended in 1996 and 1997 to address this issue by extending copyright protection to internet transactions. The amendments took into account the developments in information technology particularly those related to copyrights covered by the World Intellectual Property Ownership (WIPO) Copyright Treaty 1996. The scope of copyright protection has been broadened to include the provision of exclusive rights of control to authors. New copyright infringements and offences have been identified and regulated under this Act 6 . The convergence of the three major technologies of telecommunications, broadcasting, and information resulted in the enactment of the Communication and Multimedia Act 1998. This Act covers communications over the electronic media and does not affect the application of existing laws on national security, illegal content, defamation, and copyright. It regulates various activities covering network facilities and service providers, application service providers, and content application services providers. This Act empowers the minister to grant licenses for particular types of activities deemed fit and the flexibility to address the changing requirements as the industry evolves. The easy access to the internet services in Malaysia has encouraged the extensive use of e-commerce transactions by both large companies and small scale enterprises. Legal disputes arising out of such contractual transactions may be handled through the Electronic Commerce Act 2006 for resolution. This Act provides legal recognition of electronic messages in 6 Nazura Abdul Manap et al, (2013), ‗The Influence Of e-Asean In The Development Of ICT Law In Malaysia‘ 8(5) Internal Journal of Soft Computing 377-380. Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 9 Volume 2(S) No. 1 (2015) commercial transactions, the use of the electronic messages to fulfil legal requirements and to facilitate commercial transactions through the use of electronic means, and other related matters. Electronic communication within the public sector as well as between the government and citizens requires a comprehensive legal framework to ensure efficient and secure electronic government services. For this purpose, the Electronic Government Activities Act (EGAA) 2007 which came into effect on 1 January 2008 can be applied to agencies handling electronic dealings. It does not grant any additional legal rights or change any substantive laws. The above account demonstrates that Malaysia has met the provisions agreed upon in the e-ASEAN Agreement. However, such legislation, no matter how comprehensive, requires appropriate and serious commitment in their implementation especially with regard to enforcement. V. PROTECTING ELECTRONIC COMMERCE ACTIVITIES IN MALAYSIA Based on the combination of the Electronic Commerce Act 2006 and the Electronic Government Activities Act 2007, Malaysia has introduced a raft of comprehensive e-commerce laws. With the enactment of the Personal Data Protection Act in 2010, Malaysia also became the first ASEAN member country to pass privacy legislation. In addition, the government believes that updating of some provisions of its e-commerce legislation may be necessary owing to the constantly evolving technological changes and the emergence of social networking and mobile applications. Malaysia had a very high number of mobile subscriptions at 127 per 100 inhabitants in 2011 and is also equipped with a moderate level of fixed broadband connectivity. Overall Internet use in Malaysia stood at 61 per cent of the population in 2011, one of the highest in the region. Electronic Transactions Laws Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 10 Volume 2(S) No. 1 (2015) The Electronic Commerce Act 2006 and the Electronic Government Activities Act 2007 are the key regulations governing e-commerce in the private and public sectors respectively. The former closely mirrors the precepts of the United Nations Electronic Communications Convention. Malaysia also has the Digital Signature Act 1997 specifically enacted for legislation for that purpose. Its legal framework was subsequently strengthened to encourage future use via amendments in 2001. In addition, the Electronic Commerce Act 2006 contains broad technology-neutral provisions on electronic signatures. Consumer Protection The Consumer Protection Act 1999 is a general piece of consumer legislation in Malaysia that protects consumers against a range of unfair practices and enforces minimum product standards. The amendments were introduced in 2007 and 2010 to widen its scope to cover electronic commerce transactions, and to introduce, among others, a new provision on general safety requirement for services. The amendments also provide protection to consumers from unfair terms in a standard form contract respectively. Malaysia also introduced the Consumer Protection (Electronic Trade Transactions) Regulations 2012, enforced in 2013. These regulations impose certain obligations on online traders and online marketplace operators. It seeks to promote consumer confidence in shopping and trading as a means to further spur the growth of e-commerce in the country. There are also some limited consumer provisions incorporated in part 8 of the Communications and Multimedia Act 1998 which deal with the relationship between consumers and licensees and applies regardless of whether the transaction is electronic or not. Subsection 188(1) requires all licensed service providers to deal reasonably with consumers and adequately address consumer complaints. Part 8 of the Act also includes a voluntary consumer protection Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 11 Volume 2(S) No. 1 (2015) code covering the provision of information to consumers and the handling of personal information and complaints. Privacy and Data Protection The Personal Data Protection Act 2010 governs the private sector and does not include government agencies. It closely mirrors the principles in the European Union directive although some variations appear to adopt parts of the APEC Privacy Framework. However, the Act does not contain any European Union style registration requirements. To facilitate the implementation of Malaysia‘s Personal Data Protection Act which came into force on 1 January 2013, the Personal Data Protection Department was established. Online Content Regulation The Communications and Multimedia Act 1998 established the Malaysian Communications and Multimedia Commission (MCMC) which is empowered to regulate ICT industries. Broad authority has been provided by the Act to the commission to regulate online speech in which ―no content applications service provider, or other person using a content applications service, shall provide content which is indecent, obscene, false, menacing, or offensive in character with intent to annoy, abuse, threaten, or harass any person‖. Thus, publishers of media content who violate this provision are subject to criminal penalties. The Act also included the establishment of the Communications and Multimedia Content Forum of Malaysia which formulates and implements the Content Code—a set of voluntary guidelines for content providers on the handling of content considered offensive or indecent. In general, the Malaysian government has pledged not to censor the Internet and there are no indications of technological filtering of the medium in the country. However, existing government controls over the traditional media sometimes extend into the Internet resulting in self-censorship and the occasional investigation of bloggers and online commentators. Cybercrime and Cyber Security Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 12 Volume 2(S) No. 1 (2015) Various sections of the Computer Crimes Act 1997 prohibit the following categories of activities related to unauthorized entry into computer systems: a. Section 3: acts committed with intent to secure unauthorized access to programs or data stored in any computer; b. Section 4: acts committed with intent to secure unauthorized access to programs or data stored in any computer to commit an offence involving fraud or dishonesty; c. Section 5: acts committed with the knowledge that they will cause unauthorized modification of the contents of any computer; d. Section 6: wrongful communication of any password, code, or means of access to a computer to any person not authorized to receive the same. These provisions are more related to computer crimes than cybercrimes. However, the provisions as found in e-commerce laws and copyright laws are updated and amended in 2012. It complements Malaysia‘s cybercrime legislation and makes them more aligned with international standards. Online Dispute Resolution and Domain-Name Regulation Three sections have been incorporated into Malaysia‘s Communication and Multimedia Act 1998 to address issues related the regulation of domain names. Section 179 specifies that the MCMC is responsible for the planning, control, and administration of electronic addresses or domain names. Section 180 empowers the MCMC with developing a numbering and electronic addressing plan that includes the formulation of rules for assigning and transferring such addresses. Furthermore, the functions contained in sections 179–181 appear to be delegated to MYNIC—the registrar of Malaysia‘s country code top-level domain (ccTLD). In addition to being the registrar, MYNIC is the registry and administrator of the .my domain. VI. CONCLUSION Brawijaya Law Journal Contemporary Issues In South-East Asia Countries 13 Volume 2(S) No. 1 (2015) The ASEAN initiative to apply uniform standards for ICT implementation throughout the ASEAN region is a useful idea as it will provide member countries the opportunity to benefit from the current ICT regime without neglecting the need to regulate the use of technologies. Although some countries such as Malaysia have adopted relevant laws to ensure the secure and effective use of ICT, the effectiveness of enforcement will remain an issue to be overcome with no or limited cooperation from the member countries. In a borderless electronic world, ASEAN member countries cannot confine themselves within the region. Thus, it is important to seek outside assistance and learn lessons from both within and outside the region. REFERENCES Abdul Manap, Nazura, et al, (2013) ‗The Influence Of e-Asean in The Development of ICT Law in Malaysia‘ Internal Journal of Soft Computing. Anil, Samtani, (2001) ‗Electronic Commerce in Asia: The Legal, Regulatory and Policy Issues‘ Int. J Law Info Tech. Jehangir, Muhammad, P.D.D Dominic, Naseebullah, Alamgir Khan, (2011) ‗Towards Digital Economy: The Development of ICT and E-Commerce in Malaysia‘ 5(2) Modern Applied Science, Kuppusamy, Mudiarasan, Murali Raman, Geoffrey Lee, (2009) ‗Whose ICT Investment Matters to Economic Growth: Private Or Public? The Malaysian Perspective‘ EJISDC. Kuppusamy, Mudiarasan and Bala Shanmugam, (2007) ‗Information Communication Technology and Economic Growth in Malaysia‘ 11(2) Review of Islamic Economics. ‗Review of e-Commerce Legislation Harmonization in ASEAN‘ (2013) United Nations Conference on Trade and Development (UNCTAD). Rodolfo Noel S. Quimbo, (2012) ‗The e-ASEAN Legal Framework and Its Challenges‘ Harmonized Development of Legal and Regulatory Systems for e-Commerce in Asia and the Pacific: Current Challenges and Capacity-Building Needs. http://www.ccsenet.org/mas