**Purchasing from outside Malaysia? For international orders and shipping rates, please email us read@kanyinbooks.com**
BOOK PREVIEW AVAILABLE
ISBN: 978-967-2805-89-2
Year: 2025
Pages: 288 pages
About The Book
In an era where personal data is the lifeblood of business, data protection is no longer a technical concern but a board-level priority. With the recent amendments to Malaysia’s Personal Data Protection Act 2010 (“PDPA”), including the mandatory appointment of a Data Protection Officer, every organisation must now approach data governance with the same rigour as financial or corporate compliance.
Personal Data Protection Law: A Legal and Corporate Guide to Data Privacy in Malaysia provides the most current and comprehensive analysis of Malaysia’s PDPA and its 2024 amendments. Authored by Ong Johnson and Lo Khai Yi, highly regarded for their work in shaping Malaysia’s data protection and technology law landscape, this book combines legal precision with practical clarity, distilling complex regulatory frameworks into actionable guidance. Their experience advising regulators, multinational corporations, and industry leaders is reflected throughout, offering readers an authoritative perspective on how the PDPA operates in practice.
Designed for directors, general counsels, DPOs, compliance officers, and senior executives, this book serves as both a strategic and operational reference. It provides clear frameworks, compliance checklists, and insights drawn from real advisory experience and close engagement with Malaysia’s data protection regulators.
Whether you are a legal professional, a newly appointed DPO, or a business leader navigating Malaysia’s data privacy landscape, this book is an essential resource. It offers the most relevant and current guidance on the PDPA, equipping readers to build trust, accountability, and compliance across their organisation.
About The Author
Ong Johnson leads the Technology Practice Group at Halim Hong & Quek, focusing on TMT law with recognised strength in FinTech and Personal Data Protection.
In FinTech, he is widely regarded as one of Malaysia’s leading lawyers who truly understands financial technology. With deep expertise in blockchain and tokenisation, Ong Johnson is frequently sought for complex regulatory matters and engagements with Bank Negara Malaysia, the Securities Commission Malaysia, and the Labuan FSA. He has been instrumental in projects involving Malaysia’s stablecoin, asset tokenisation, DeFi P2P, tokenised money, e-money, payment systems, money broking and digital asset custodianship.
His contributions include drafting the Data Protection Officer Competency Guideline, the Management of Data Protection Officer Training Service Providers Guideline, and the Data Protection Officer Professional Development Pathway & Training Roadmap. In recognition, he received a Certificate of Appreciation from the Commissioner for laying the foundation of Malaysia’s DPO ecosystem and advancing the national data protection landscape.
Lo Khai Yi is a technology and data lawyer specialises in the core field of Technology, Media and Telecommunications (TMT). His practice spans technology outsourcing, telecommunications, data privacy, blockchain, fintech, and intellectual property.
Khai Yi has led major mandates such as Tesla’s market entry into Malaysia, represented a Broadcom regional channel partner, on several of its regional software negotiations, represented a Singapore MNO in its first Malaysian acquisition, and assisted a Singapore network infrastructure company with its cross-causeway submarine cables laying project. He has also counselled licensed crypto exchanges and blockchain innovators on tokenisation and sandbox licensing.
As Co-Head of the Technology Practice Group at Halim Hong & Quek, Khai Yi jointly leads a team that serves as outsourced Data Protection Officer to over 30 organisations — including global F&B groups, digital exchanges, hospitals, and education institutions. Together with Johnson, Khai Yi was also invited to take part in several working groups established by the Personal Data Protection Commissioner tasked to shape the national data protection policy through the drafting of guidelines and policy documents to support the growth of data protection landscape in Malaysia.