Press Statement

MCMC sending unsolicited message to mobile phone users is an abuse of their power as regulator  

26 April 2018

Lawyers for Liberty view with concern the recent SMS blast by the Malaysian Communications and Multimedia Commission (MCMC) exhorting Malaysians to celebrate the 20th anniversary of the Communications and Multimedia Act 1998 (CMA 1998).

As this was an unsolicited message sent to the mass public without their consent, MCMC’s act falls squarely within the definition of ‘spam’ as set out in their 2004 report on “Regulating Unsolicited Commercial Messages”, and also possibly under section 233(1)(b) CMA 1998. Further, in failing to include an opt-out option to allow recipients to remove themselves from the messaging list, they have run afoul of their own recommendations as stated in paragraph 11 of the same report.

As the country’s regulator for all digital communications, it is shocking and appalling for MCMC to contravene their own guidelines on preventing spam. It is completely unacceptable that whilst demanding commercial service providers such as telco companies be held to high standards of conduct when handling consumer data, the regulators themselves see fit to dispatch a mass political message that is of no value.

The gravity of this breach cannot be understated. Due to their privileged position, MCMC have access to all registered mobile phone numbers in Malaysia amongst other things. With this data comes a responsibility – to ensure that it is not misused, in line with their role as defined in the CMA 1998. This right to privacy and the protection of consumer data are further supported by the Personal Data Protection Act 2010, which seeks to prevent improper usage of personal data in commercial transactions.

Instead, MCMC have proven time and time again that they are unworthy of this responsibility. The regulator’s image lies in tatters following the various scandals of the past few years. Most notably, the massive personal data breach that came to light in 2017 following MCMC’s questionable dealings with Neumera Sdn Bhd which resulted in the breach of more than 46 million personal data of mobile phone subscribers.

In light of MCMC’s ability to blast messages to the wider public, we ask: why, at the time of the data breach, did MCMC not send out messages to affected individuals warning them that their data may have been exposed? Instead, why has this ability been misused to urge the public to ‘celebrate’ the 20th anniversary of the CMA 1998, a rather bizarre exhortation to say the least, as the CMA is more known for being misused to selectively protect the Prime Minister and other VVIPs from ‘insults’ and other unfavourable comments on social media.

We call upon MCMC to focus on the job and take their responsibilities more seriously as their integrity and respectability as the country’s digital communications and multimedia regulator are at stake.

Released by:
Eric Paulsen
Executive Director
Lawyers for Liberty