Zulkarnain…the MPD programme complies fully with the Personal Data Protection Act 2010.
CYBERJAYA : — The mobile phone data used by the Malaysian Communications and Multimedia Commission (MCMC) for policy planning is already anonymised at the network provider level and cannot be used to identify individuals, the agency said amid ongoing concerns about personal data privacy.
MCMC deputy managing director Datuk Zurkarnain Mohd Yasin said data shared through the Mobile Phone Data (MPD) initiative is stripped of all personally identifiable information (PII) — such as names, IC numbers, and addresses — before it even reaches the commission.
“It’s made clear in the official letters to mobile service providers that the data must be fully anonymised. There must be no elements that could identify the account owner or individual. What we receive does not include names, IC numbers, or addresses,” he said.
“What’s collected are cell tower-level communications data — either call or internet usage — not the individual’s actual location. And even then, only anonymised data sets are sent to MCMC. We don’t want raw data.”
Zurkarnain said the MPD programme complies fully with the Personal Data Protection Act 2010, under which anonymised data is not classified as personal data. He added that only a small group within MCMC’s statistics division handles the information under strict internal controls.
The data cannot be used to identify individuals, either directly or indirectly, and that the initiative adheres to national laws and internationally recognised standards.
“All parameters are globally discussed and the standards have been set. Malaysia is not the only country using MPD for better policy intervention and data collection,” he said, stressing that public concerns were based on misinformation.
“From the start, this initiative was guided by the government’s and United Nations’ emphasis on respecting privacy and safeguarding personal information.”
Zurkarnain also pointed out that when the Mobile Positioning Data (MPT) system was launched, the Department of Statistics Malaysia (DOSM) had conducted media briefings and its chief statistician had made public appearances to explain the methodology — though public awareness remained limited until recent claims of misuse surfaced.
“We’re committed to upholding privacy and operating within the ambit of the law, whether under personal data protection laws or the National Statistics Act,” he said.
He also noted that Malaysia is not the only country using MPD for to gain statistics and that it was a global effort supported by United Nations agencies.
“All parameters are discussed at the international level, and standards have already been established.”
The MPT project, administered by DOSM using MPD, aims to enhance data-driven policymaking, particularly for the ICT and tourism sectors.
It was approved by the Cabinet in April 2023 following a proposal by the Economy Ministry, and is also supported by the Tourism, Arts and Culture Ministry.
The initiative aligns with international practices, according to MCMC, and was developed in consultation with the International Telecommunication Union (ITU) and other expert bodies.
There were reports suggesting that the MPD initiative raised privacy concerns and fuelled public fear based on misinformation.
Telecommunications companies, including U Mobile, Telekom Malaysia (TM), Maxis, CelcomDigi and YTL Communications, have also issued statements affirming that all data shared with MCMC is fully anonymised and handled according to legal requirements.
