Personal data “Up in the air”: A tale of two Malaysian airlines in dealing with consumers online privacy

Uncertainties and concerns surrounding the privacy of personal information in Malaysia in the wake of many data abuse incidents had led to the passing of Personal Data Protection Act (PDPA) 2010. In a market where personal data has long been widely traded and unjustifiably exploited, the coming of t...

Full description

Bibliographic Details
Main Authors: Zulhuda, Sonny, Delpisheh, Maryam
Format: Conference or Workshop Item
Language:English
Published: IACSIT Press 2011
Subjects:
Online Access:http://irep.iium.edu.my/44670/
http://irep.iium.edu.my/44670/
http://irep.iium.edu.my/44670/1/Personal_data_up_in_the_air.pdf
Description
Summary:Uncertainties and concerns surrounding the privacy of personal information in Malaysia in the wake of many data abuse incidents had led to the passing of Personal Data Protection Act (PDPA) 2010. In a market where personal data has long been widely traded and unjustifiably exploited, the coming of this law could resemble the arrival of a long-awaited messiah expected to correct the evils and rectify people’s problem in a very immediate manner. Once the law is in force, a wide range of industries that process personal data of individuals would have to reformulate their entire business processes to comply with the new legal requirements. In order to do that, they will need to perform critical self-assessment to ensure their business practice does not contravene the law and not trigger criminal liabilities. Against this background, this paper seeks to analyze how the Malaysian airlines industries – represented by the two biggest players Malaysian Airlines (MAS) and AirAsia – treats consumers’ personal data based on their existing online policies. The reason behind choosing this industry is of two folds; firstly, because airlines industry is relatively massive personal data users (especially on their passengers’ data). Secondly, the two companies have now aggressively embarked into online environment which sees them collecting and processing more personal data through their websites and online processing mechanism. The ultimate goal of this assessment is to see to what extent their existing online privacy policies and practices are in line with the personal data protection principles provided in the PDP Act 2010. Using critical methods of discussion, this paper aims at producing gap analysis and recommendations as to how the industry should improve their privacy policy and make it closer to the legal requirements in protecting consumers’ personal data.