Malaysian Bar Council bans lawyers from using virtual offices

The Malaysian Bar Council has finally put a lid on the use of virtual office by lawyers. In their letter dated 21 August 2015 to a group of lawyers (“Group”) (which I am a part of), it stated:

Having considered the reasons and proposals put forth by the group of lawyers during its meetings with the Legal Profession Committee, as well as the Memorandum prepared by one of your members, the Bar Council is of the view that crucial issues such as the cardinal principle of solicitor-client privilege, keeping and storing of physical documents, accessibility and traceability of lawyers are being compromised through the practise of such mode of offices.

In light of the above decision, you are required to take immediate and necessary steps to ensure compliance with the relevant Rules and Rulings of the Bar Council, the Legal Profession (Practice & Etiquette) Rules 1978 and the Legal Profession (Publicity) Rules 2001 and cease to operate through virtual office with immediate effect.

History of the Ban

On 7 March 2015, the Bar Council issued Circular No. 49/2014 entitled “Law Firms Operating Through Virtual Offices” (Circular 49) with the following statement:

The concept of a virtual office essentially means there is no physical presence of a law office. The office is “virtual” as it is merely a front, consisting of generic office facilities operated by another company offering the services of a receptionist and/or interchangeable meetings rooms, used by various parties (whether lawyers or not) paying for such services. Any telephone calls made to a lawyer utilising this arrangement are received by the receptionist, on the lawyer’s behalf, who would then convey the communication to the lawyer concerned, for example in a text message through a short message service (“SMS”).  Documents are also received, on behalf of the lawyer, by the receptionist.  The services of the receptionist and/or use of meeting rooms at a virtual office are shared by other lawyers and/or companies and/or businesses.

The Bar Council is of the view that lawyers practising through virtual offices are in breach of Ruling 7.03 of the Rules and Rulings of the Bar Council Malaysia, which provides as follows: Where an Advocate and Solicitor shares an office or premises with another person (whether an Advocate and Solicitor or not), the office or premises must be partitioned off with separate and distinct entrances, with no connecting door between the two offices or premises.  This Ruling shall not apply to Advocates and Solicitors who are partners of the same law firm.

Where a law firm operates through a virtual office, a further cause for concern arises in respect of confidentiality and the safekeeping of information, including files and documents, which appear to be lax in such virtual offices.

Members are therefore advised to cease such operations with immediate effect, as the Bar Council may take disciplinary action against lawyers who are reported to be operating through virtual offices.

The Group subsequently got in touch with the Bar Council and meetings were held with the members of the Legal Practice Committee (LPC) to clarify and discuss on the ban. A moratorium was granted pending the discussion between the Group and the LPC. This moratorium was subsequently lifted with the letter of 21 August 2015.

Notwithstanding the said ban, it is unclear what type of virtual office is banned by the Bar Council. There are many service providers in Malaysia who term their service as a virtual office service but they differ from each other.

Wikipedia defines “virtual office” as ”a virtual office provides communication and address services without providing dedicated office space”. The California State Bar Standing Committee on Professional Responsibility and Conduct has a different view on virtual office. In a matter concerning “virtual law office practice” (VLO), it described the VLO with the following features:

In her VLO, Attorney intends to communicate with her clients through a secure internet portal created on her website, and to both store, and access, all information regarding client matters through that portal. The information on the secure internet portal will be password protected and encrypted. Attorney intends to assign a separate password to each client after that client has registered and signed Attorney’s standard engagement letter so that a particular client can access information relating to his or her matter only. Attorney plans not to communicate with her clients by phone, e-mail or in person, but to limit communications solely to the internet portal through a function that allows attorney and client to send communications directly to each other within the internet portal.”

In an article entitled “PRACTICING LAW WITHOUT AN OFFICE ADDRESS: HOW THE BONA FIDE OFFICE REQUIREMENT AFFECTS VIRTUAL LAW PRACTICE” by Stephanie L. Kimbro, M.A., J.D. the learned author described VLO with the following features:

The features of a virtual law office and methods of communicating and delivering the legal services online differ depending on the features available in the technology chosen to set up the virtual law office. These features will continue to evolve with the technology, but the key feature that will remain the same is the client portal, which requires a unique username and password. Once inside the secure virtual law office, the client may then have access to his or her case file, documents, invoices, text communication with the attorney, interactive calendar, and forms. In addition, the client may also have the ability to pay invoices online, sign online engagement letters, or hold video conferences or real time chat.

In the article entitled “The Rise of the Legal Virtual Office” by Stephen Furnari, the learned author stated that “virtual” law practice comes in various forms and this include, virtual law firm (a law practice that does not utilize a central office to house attorneys or permanent staff), virtual law firm (an unbundled office rental arrangement where firms get the business presence of a traditional office and have access to its resources, such as an address to receive mail, a physical location to meet clients, conference rooms, receptionist and admin services, and temporary office space), and virtual legal services (actual legal services that are provided and delivered exclusively online using SaaS applications)

Whether the Bar Council’s definition would fall within the scope of a VLO defined above is unclear. Nevertheless, Circular 49 stated that “the concept of a virtual office essentially means there is no physical presence of a law office” and the lawyer is sharing office with third parties.

But it is clear that those who have their law office at home with certain administrative functions outsourced would not be caught by the ban.

With the advent of broadband, cloud services and other new technological features, a traditional law practice has changed. Working files are no longer kept in our paper files but stored in our PC or even in the cloud. Lawyers do not need a physical file to work but with only a device which may or may not belong to him since one can access them using cloud services. Technology has evolved so much and so quick that a laptop can even now become a tablet and vice versa (e.g. Windows Surface 3). In two years, a smart phone can become your only computer (according to an article by Wired). Traditional physical offices may one day be redundant to some lawyers and could even be reduced to an electronic device.

The Bar Council will certainly need to address and be open to these technological advancements. Malaysian lawyers should be encouraged to move ahead with times and adopt new technological advancements to be competitive and on par with any international lawyers.

First published on LoyarBurok on 2 November 2015.

PDF    Send article as PDF   

Malaysian Personal Data Protection Commissioner publishes draft Codes of Practice

The Malaysian Personal Data Protection Commissioner has published the draft Codes of Practice for the banking and finance industry and also for the communications sector. Members of the public are invited to provide their feedback before 22 September 2015 by sending their comments to:-

Aras 6, Kompleks KKMM, Lot 4G9,
Jabatan Perlindungan Data Peribadi
Kementerian Komunikasi dan Multimedia Malaysia
Persiaran Perdana, Presint 4,
Pusat Pentadbiran Kerajaan Persekutuan,
62100 Putrajaya.

or email or fax to and 603-89117959 respectively.

PDF Creator    Send article as PDF   

Bread & Kaya: Uber and GrabCar services legal in Malaysia?

Bread & Kaya: Uber and GrabCar services legal in Malaysia?

By Foong Cheng Leong
Aug 12, 2015

– The apps appear legal under current laws, but are the drivers?
– Public transport services need to be regulated to ensure they are safe

ON Aug 7, Malaysia’s Land Public Transport Commission (SPAD) announced on its Facebook page that it had seized 12 cars alleged to have been providing public vehicle services without a licence, under Uber and GrabCar.

SPAD said it would bring the matter to court.

This is not the first time the Commission has acted. According to a March 3 report in theSun, No escape for operators violating Land Public Transport Act, 39 private vehicles that were used to offer taxi-like services through different mobile applications like Uber, MyTeksi and Blacklane, were seized.

App-based transportation network companies such as Uber have been subject to ongoing protest and legal actions around the world. Uber has been banned in numerous countries such as Australia, India and Thailand, as well as certain parts of the United States.

GrabCar and Uber are essentially a service which connect users for rides on private cars. For the purpose of this article, I’ll focus on Uber which I am familiar with. I’ve used Uber when I was in the United States and Singapore.

If you’re wondering whether Uber and GrabCar services are legal in Malaysia, there is no express prohibition under the law to have software to connect users for rides on private cars.

According to a report in automotive portal, SPAD chairman Syed Hamid Albar said that existing laws are silent on mobile apps offering public transport services, and this meant that SPAD was finding it difficult to rein in foreign and local mobile apps such as Uber and GrabCar, which it claimed were offering illegal public transport services.

However, Uber and GrabCar’s positions are quite clear: They do not provide transportation services but merely connect their users with drivers.

In the Recital of Uber’s Transportation Provider Service Agreement, it is stated:

Rasier does not provide transportation services, and is not a transportation carrier. In fact, the Company neither owns, leases nor operates any vehicles. The Company’s business is solely limited to providing Transportation Providers with access, through its license with Uber, to the lead generation service provided by the Software, for which the Company charges a fee (“Service”).

In GrabCar’s Terms of Use, it states:

The Company is a technology company that does not provide transportation services and the Company is not a transportation provider. It is up to the third party transportation providers to offer transportation services to you and it is up to you to accept such transportation services.

However, the problem lies with the drivers providing the transportation services. Under Section 16 of the Malaysian Land Public Transport Act 2010 (Act), no person shall operate or provide a public service vehicle service using a class of public service vehicles unless he holds an operator’s licence issued under said Act.

A person is deemed to be operating or providing a public service vehicle service if he:

(a) uses or drives a public service vehicle of a class of public service vehicles himself; or
(b) employs one or more persons to use or drive a public service vehicle of a class of public service vehicles,

to operate or provide a public service vehicle service, and

(a) he owns the said public service vehicle; or
(b) he is responsible, under any form of arrangement with the owner or lessor of the said public service vehicle to manage, maintain or operate such public service vehicle.

Based on the above definition, Uber and GrabCar do not seem to fall within the scope. Hence, Uber and GrabCar apps are legal in Malaysia.

Notwithstanding that Uber and GrabCar apps are legal in Malaysia, are Uber and GrabCar’s drivers legal in Malaysia?

Uber and GrabCar drivers can legally provide public transportation service if they are licensed under the Act.

In fact, Uber’s Transportation Provider Service Agreement (PDF) states that an Uber driver (pic above) must “possess a valid driver’s licence and all licences, permits and other legal prerequisites necessary to perform rideshare or P2P (peer-to-peer) transportation services, as required by the states and/or localities in which you operate.”

From this agreement, it is clear that Uber requires its drivers to have a valid licence to provide “rideshare or P2P transportation services” which are essentially transportation services. Drivers without such a licence are committing an offence under Section 16 of the above Act, or can even be considered as breaching Uber’s own Transportation Provider Service Agreement.

Section 16 of the Malaysian Land Public Transport Act 2010 (Act) provides that any person, not being a corporation, who commits an offence shall, on conviction, be liable to a fine of not less than RM1,000 but not more than RM10,000, or to imprisonment for a term not exceeding one year, or to both. [RM1 = US$0.25]

The court may also order the vehicle to be forfeited to the Government under Section 80(4) of the Act.

In Reza Kianmehr v. PP [2013] 7 CLJ 265, Reza Kianmehr was convicted and sentenced to a fine of RM2,000 in default of two months’ imprisonment for the offence of operating a public service vehicle service (in local terms, kereta sapu) without a licence under Section 16 of the Act. His car was also ordered to be forfeited to the Government under the same Act.

The reason for regulating public transport service vehicles is simple. We need to make sure public transport is safe to the public. Details of drivers must be recorded and they must meet the minimum qualifications.

Those who escape the system are a risk to users and those on the streets.

Assuming an accident is caused by an unlicensed public transport vehicle driver where the passenger and person on the streets are injured, would the driver’s insurance cover such injuries, or even death?

First published on Digital News Asia on 12 August 2015

Create PDF    Send article as PDF   

Sarawak Report should sue MCMC for blocking site, say lawyers

I was quoted by Malaysia Insider on their report “Sarawak Report should sue MCMC for blocking site, say lawyers” on 22 July 2015. The relevant extract is below.

However, personal data protection expert and lawyer Foong Cheng Leong told The Malaysian Insider that none of the provisions in the Communications and Multimedia Act 1998 explicitly provided for blocking access to sites.

In justifying its decision, MCMC on Sunday said it had acted according to Section 211 and 233 of the act. Both these sections provide for criminal prosecution against those who have been deemed to publish “offensive” content, or content that intends to “annoy” or “harass” any person.

Under both sections, an offender can be sentenced to not more than one year jail or RM50,000 fine, or both.

But Foong said the more relevant act that MCMC could have used to justify its action was Section 263, which said licensees, which were network providers, had the general duty to assist MCMC in preventing the network being in commission of any offence under Malaysian laws.

“This is the provision that is used to compel service providers to help block a website upon request by MCMC,” Foong said.

However, even this section did not explicitly provide for the blocking of a website.

Service providers are not obligated by law to cede to requests to block certain cites, but they normally comply with such requests since MCMC regulates their licences.

“It is possible to bring this matter to the court and challenge it, one possibility is to say that this is ultra vires what is provided for in the act itself,” Foong said.

Section 3 (3) of the same act states that the act does not allow for the censorship of the Internet, in line of the Multimedia Super Corridor (MSC) Bill of Guarantees, which promised the same.

“And because the act doesn’t explicitly provide for blocking of a website, one can also argue that MCMC is acting beyond its scope (with the block).”

There’s a slight clarification on the use of s. 263. If we look at MCMC’s notice, it did state that the blocking order is made pursuant to s. 263 of the CMA. The exact section is s. 263(2) of the CMA which provides the following:

(2) A licensee shall, upon written request by the Commission or any other authority, assist the Commission or other authority as far as reasonably necessary in preventing the commission or attempted commission of an offence under any written law of Malaysia or otherwise in enforcing the laws of Malaysia, including, but not limited to, the protection of the public revenue and preservation of national security.

The sentence “preventing the commission or attempted commission of an offence” is key here. No actual offence needs to be committed but an attempt is sufficient to enable MCMC to act against a website. The section does not expressly state “blocking order” but such blocking order is commonly used against unlawful websites such as pornography or drugs websites.

I made further comments in the Malay Mail in their article “Sarawak Report blockage shines light on ‘abusive’ MCMC powers” on this matter:-

Lawyer Foong Cheng Leong, who is well-versed with cyber law, said Section 263(2) has a wide scope and could be interpreted “very liberally” to mean that MCMC can ask ISPs to block a website even when no complaint or police report has been lodged.

“You don’t have to wait for the court to convict the person to block the website,” the KL Bar Information Technology committee chairman told Malay Mail Online when contacted, adding that even prosecution was not a requirement for the section to apply.

Foong said there is “room for abuse” as the MCMC can cite the broadly-worded clause to block websites without reasonable basis, but noted that website owners could seek legal remedy by attempting to have unjustified blocks declared unlawful and beyond the MCMC’s authority.

Both Foong and Amer Hamzah said there appears to be no tribunal available for website owners to appeal to and it is unclear whether the CMA’s Section 82 on resolving disputes through negotiation covers such cases.

The two lawyers suggested safeguards to curb any possible power abuses by MCMC under Section 263 (2), with both saying that the regulator should notify the website owner when it makes a written request to the ISPs to block the websites.

“If you look at the Home Ministry’s website, there is a list of books being banned. Why can’t we have say a list what kind of website has been banned?” Foong asked, adding that a clear avenue for website owners to appeal to the MCMC decision must be provided.

Foong said, however, that some curbs were justifiable, citing as example Islamic State militants’ propaganda as well as existing restrictions on pornography, gambling and drugs.

PDF Download    Send article as PDF   

Business Development for Young Lawyers on 31 July 2015

I presented a seminar on business development for young lawyers. It was attended by 30 lawyers, chambering students and law students. I spoke about the concept of generating and converting leads, tips on having a successful networking conference, building your own database and online marketing.

After my talk, we had a group discussion by the participants which were broken down in group. The participants are required to discuss on how they are going to market their legal practice to clients and prospective clients. Each group came out with standard marketing methods and also very unique ideas. One suggested that instead of a legal conference to speak about law, they have a funfair for their clients with their family, and one suggested that they should have a YouTube video on what to expect in a medical negligence case with a scene where a family member actually died.

Download the Slides

Free PDF    Send article as PDF   


On 1 July 2015, the Personal Data Protection Commissioner published the Public Consultation Paper No. 1/2015. This consultation paper is intended to solicit feedback from the data users and data subjects relating to their understanding of the personal data protection.

In order to make the Standard for Personal Data Protection a reliable reference document, the Commissioner will merged three standards namely the Safety Standard, Storage Standard and Data Integrity Standard into one document.
According to the Commissioner, this step is in accordance with the requirements of the Personal Data Protection Regulations 2013 and the Personal Data Protection Act 2010. The feedback received through this public consultation paper will be analyzed and the results of this analysis will be used in the preparation of the final draft standard. The final draft will be presented to the 11 classes of data users before being registered by the Commissioner.

The feedback can be downloaded here (in Malay) and here (in English)


PDF    Send article as PDF   

PDC Seminar on Business Development for Young Lawyers on 31 July 2015

As part of its Professional Development Programme, the KLBC Professional Development Committee (PDC) is pleased to present the above Seminar by Foong Cheng Leong on 31 July 2015 (Friday) from 3:00 pm to 5:00 pm at the KL Bar Auditorium, 4th Floor Wisma Hangsam, No 1, Jalan Hang Lekir, 50000 Kuala Lumpur.

Areas to be covered

• Building your practice
• Getting your first client and expanding your clientele
• Specialisation
• Networking skills
• Improving presentation skills
• Client management

About the speaker
Foong Cheng Leong was called to the Malaysian Bar in 2005. He currently serves as the KLBC Information Technology Chairperson, Co-Chairperson of the Bar Council Information Technology and Cyberlaw Committee, Co-Chairperson of the Ad Hoc Committee of the Personal Data Protection and Deputy Chairperson of the Bar Council Intellectual Property Committee. He is regularly featured in the media notably over topics regarding intellectual property, cyberlaw, data privacy and the like. He also regularly presents at seminars and conferences.

REGISTRATION FEE (inclusive of 6% GST)

Pupils-in-Chambers / Law Students – RM31.80 per participant

Members of the Bar – RM63.60 per participant

Non-Members – RM106.00 per participant

Registration Must be Accompanied With Payment to Guarantee Your Place

Only 150 Seats Available. Click here to register.

PDF Creator    Send article as PDF   

Malaysia amends law to hold publishers responsible for user comments

I was recently interviewed by PRWeek Asia regarding my views of the amendments of the Sedition Act 1948. My email interview is as follows:-

What power do these amendments give the Malaysian government against the tech giants?

Foong: Our laws may not reach foreign tech giants. However, with the new amendments to the Sedition Act and even under the Communications and Multimedia Act 1998, it is possible to block the websites of these foreign tech giants.

What could it cost them potentially to keep operating in Malaysia?

Foong: Possible problems: being criminally liable, servers and other electronic devices being seized as evidence, and so on, during investigation.

What are their options? Self-monitor like Tencent?

A self monitoring practice is possible but it will be costly and time consuming. Unfortunately, we do not have takedown notice provision (other than under our Copyright Act) or laws to protect intermediaries, hence monitoring is required in Malaysia.

One possible option is to have their operations moved out from Malaysia which is detrimental to our economy.

Do you think lobbying will change these amendments?

Foong: Lobbying for laws to protect intermediaries would be recommended. Other than affecting the freedom of expression, it also affects our digital economy. Foreign investors will have to think twice before setting up their operation and putting their servers here in Malaysia.

For the full article, please visit here.

Create PDF    Send article as PDF   

Bread & Kaya: How the ‘new’ Sedition Act affects netizens

Bread & Kaya: How the ‘new’ Sedition Act affects netizens
By Foong Cheng Leong
Apr 08, 2015

– As with Section 114A, website hosts and FB page owners can be held liable
– Particularly thorny are comments left by others on your portal

BY the time you read this article, the Sedition (Amendment) Bill 2015 – which seeks to amend the Sedition Act 1948 – will be debated in Parliament. The Bill is now published on the Parliament of Malaysia’s website. Click here to download a copy.

The Najib Administration is seeking to update the 1948 Act to now cover electronic publications, and this article will focus on how these amendments may affect the netizens of Malaysia, and website operators in particular.

The purpose of introducing the amendments is stated in the Explanatory Statement of the Bill.

On the eve of Malaysia Day 2011, Malaysian Prime Minister Najib Razak pledged watershed changes to enhance the parliamentary democracy system in Malaysia. This pledge was reiterated in July 2012 and a decision was made to repeal the Sedition Act 1948.

“However, events since that date have demonstrated the continued relevance of the Sedition Act 1948 in tandem with recognition for the need for enhanced safeguards against its misuse to stem legitimate criticism of Government and discussion of issues of concern to Malaysians,” the explanatory statement reads.

“Among the issues of concern are the increasingly harmful and malicious comments, postings and publications that jeopardise that most valued ideals of Malaysia – tolerance and racial and religious harmony in a multiracial, multireligious and multicultural nation.

“Even more alarming are calls for the secession of States in the Federation of Malaysia established by the consensus of the peoples of Malaysia and unwarranted attacks against the sovereign institutions of Malaysia, the Yang di-Pertuan Agong and the Rulers of the States.

“It is against this background that the Government has decided to retain the Sedition Act 1948 (‘Act 15’) at this time with the addition of enhanced measures and penalties to deal with the threats against peace, public order and the security of Malaysia, in particular through the irresponsible misuse of social media platforms and other communication devices to spread divisiveness and to insult the race, religion, culture, etc. of particular groups of Malaysians without regard for the consequences,” it says.

The definition of seditious tendency will be amended. It will no longer be seditious to “bring into hatred or contempt or to excite disaffection against any Government, administration of Justice (our Courts).

It will be seditious to excite the secession of a State from Malaysia. It is seditious to insult our Rulers, and to promote feelings of ill will and hostility between different races or classes of the population of Malaysia and, with the new amendments, between persons or groups of persons on the grounds of religion.

The Sedition (Amendment) Bill 2015 creates liability to website operators (I use this term loosely as the Bill uses the words ‘any person’ and thus may include owner, host, editor and subeditor) such as online forums, online news portals, and even Facebook Page/ Group owners.

Sections 3 and 4 of the Bill introduce the words “caused to be published.” Under the newly amended Section 4(1)(c) of the Sedition Act 1948, a person who, among others, publishes or caused to be published any seditious publication is guilty of an offence.

The punishment is now “a term not less than three years but not exceeding seven years.” Previously, it was not exceeding three years and a fine.

So what does “caused to be published” here mean? It seems to cover a website operator who allows a comment to be published on his website (especially in the case where comments are moderated). This also covers a comment or a posting published on a Facebook page.

Further, pursuant to Section 114A of the Evidence Act 1950, the owner, host, administrator, editor or a subeditor of the website is the publisher of that comment – notwithstanding that such person is not the author of such a comment (unless the contrary is proven).

If the offence involves a publication of a seditious comment under the new Section 4(1A) – that is, published or ‘caused to be published’ any seditious comments which caused bodily injury or damage to property – the Public Prosecutor has a right not to allow bail. Such a person will languish in jail until his trial is over.

Further, the new Section 10(5) of the Sedition Act 1948 compels a person who knowingly has in his possession, power or control a prohibited publication by electronic means, shall remove or cause to be removed, such publication – failing which he shall be liable to a fine not exceeding RM500,000 (US$137,000) or imprisonment not exceeding three years, or both.

However, there are exceptions for a website operator if he can prove that the seditious publication was done:

– Without his authority, consent and knowledge and without any want of due care or caution on his part, or
– That he did not know and had no reasonable grounds to believe that the publication had a seditious tendency.

The first exception will not be applicable to a website operator who moderates comments because publication of a comment was done by his authority, consent and knowledge when he approved the comment.

It would however be applicable to an unmoderated website but such an operator must show that due care and caution had been taken.

Nevertheless, the second exception above will be of assistance to a website operator who moderates comments. However, it is difficult to determine what amounts to seditious nowadays (we need a compendium of sedition statements!).

A Sessions Court Judge, on the application by the Public Prosecutor, can make an order to prohibit the making or circulation of certain sedition publications (that are likely to lead to bodily injury, damage to property, promote feelings of ill will, etc., as per the new Section 10(1)).

Any person making or circulating the prohibited publication shall remove or caused to be removed that publication, or be prohibited from accessing any electronic device.

Any person who fails to do so shall be guilty to a fine not exceeding RM500,000 or to imprisonment not exceeding three years, or both.

If the person making or circulating the seditious publication by electronic means cannot be identified, a Sessions Court Judge can direct that such publication be blocked (under the new Section 10A).

[Note: This article is subject to amendments in the event that there are new facts or clarifications from the First Meeting of the Third Session of the 13th Parliament (2015)].

First published on Digital News Asia on 8 April 2015.

PDF Printer    Send article as PDF   
1 2 3 22  Scroll to top