As outlined in the OECD Guidelines for Multinational Enterprises, companies are expected to ‘respect consumer privacy and take reasonable measures to ensure the security of personal data that they collect, store, process or disseminate’. Companies are expected to limit their collection of personal data, to collect data by lawful and transparent means, as well as to not disclose or use personal customer information for any purposes other than those agreed upon. In Malaysia, the Personal Data Protection Act 2010 was introduced to regulate the processing of personal data and information security in commercial transactions, which should be taken into consideration by companies when managing their customers’ data and information.
| < Prev |
|---|
