Kuala lumpur: The establishment of a Data Commission is a pivotal step towards enhancing governance, ensuring compliance with standards, and bolstering comprehensive data protection in Malaysia, stated Digital Minister Gobind Singh Deo. The proposed commission is set to act as a regulatory body dedicated to addressing data-related risks, aligning with the Digital Trust and Data Security Strategy 2026-2030 under the 13th Malaysia Plan (13MP).

According to BERNAMA News Agency, Gobind emphasized that currently, data-related functions are dispersed across various agencies such as the Department of Personal Data Protection (JPDP), responsible for personal data, and the National Artificial Intelligence Office (NAIO) under the Digital Ministry, which handles AI-related aspects. He noted the urgent need to extend oversight to encompass data comprehensively.

Gobind remarked, "This is where we see the importance of having a mechanism that can monitor risks and take action as we go along. We are looking at broadening the scope of data regulation, and that is why we are proposing the establishment of the Data Commission." He stressed the necessity for specific standards and enforcement of rules, expressing hope for the commission's swift establishment during a session in the Dewan Rakyat.

In response to Ahmad Fadhli Shaari (PN-Pasir Mas) regarding the government's commitment to forming a review body to ensure technologies like AI do not compromise data privacy, Gobind asserted that the Data Commission would address gaps in the regulatory landscape, offering a robust authority to manage data issues beyond personal data. He added that this initiative would enhance governance structures, thereby increasing public and investor confidence in the nation's data security.

Addressing a question from Datuk Seri Doris Sophia Anak Brodi (GRS-Sri Aman) about ensuring AI use in cybersecurity aligns with ethical and privacy standards, Gobind revealed that Malaysia is finalizing the National AI Action Plan. This plan outlines a governance framework balancing security and privacy, grounded on three principles: transparency and accountability, privacy-by-design and security-by-design, and maintaining human oversight in AI applications.

Gobind highlighted that the National AI Action Plan is being developed through collaborative efforts, considering legal frameworks such as the Personal Data Protection Act 2010 (Act 709) and the Cyber Security Act 2024 (Act 854).