The Magnitude of GDPR To Malaysia

The European Union (“EU”) General Data Protection Regulation (“GDPR”) governs any individuals or companies that stores or processes personal information about EU citizens within EU states even if it does not involve a business presence within the EU. Malaysian businesses need to comply with the GDPR as failure to comply will cause disruption or discontinuance of business. This paper aims to understand and evaluate the scope of the GDPR and its effect on personal data protection in Malaysia. It employs a doctrinal qualitative approach by examining the GDPR and the Malaysia Personal Data Protection Act 2010. This paper suggests that the GDPR provides a more comprehensive law with its holistic principles and rights which may provide lessons for Malaysia in protecting personal data as the area covered by the GDPR is broader specifically the non-commercial transactions, its wider range of rights and the extraterritorial applicability