Comments on the Malaysian e-Court System Phase 2

The Malay Mail interviewed me on my views of the implementation of the new e-Court System Phase 2 some time last year. Some of the issues highlighted below have now been resolved. I am posting this for record purpose.

In their article entitled “Lawyers required to go digital by 2018“, I said the following:-

Foong Cheng Leong, the Kuala Lumpur Bar’s Information Technology and Publication Committee chairman, noted that e-filing is partly aimed at ending the maintenance of actual physical files and saves time with the skipping of physical file searches.

“Before e-filing, the court had problem organising their files and many files went missing resulting the loss of judicial and litigants’ time. The e-filing system also allows documents to be viewed quickly without the need to look for the file,” he said.

Foong said the second phase of the e-filing system had some improvements such as a better online file search system that now includes searching of court minutes, but he highlighted several issues such as the use of the security token which he felt was “unnecessary”.

“Although it is now available at an affordable rate, the use of the token creates a ripple effect. For example, the lawyer now would need to apply for the token and learn how to use and install it, safe-keep, protect and observe the expiry date of the token,” he said, arguing that there were other ways to ensure security or to ensure the right person is filing a court document.

He said the online file search function where users have to pay RM8 or RM12 depending on the court tiers for a 30-minute viewing period should be changed, suggesting that the time limit should be scrapped and instead replaced with a pay-per-file system.

The file search function also only allows users to view and print files page by page, but should instead be changed to allow users to download the files to view them directly on their computers, he said.

“The current system still has a lot of bugs. It ought to be have been beta tested properly by users, in particular, the lawyers before rolling them out,” he said, citing as example the timer in the file search system suddenly resetting to 0:00 before the time is actually up.

On the closure of the Service Bureau to lawyers, I stated the following:-

Foong similarly said: “However, the service bureau should still remain to assist lawyers to file their documents. Not every lawyer has litigation cases often and some may even do one or two a year. It makes no commercial sense sometimes to pay for the token to do e-filing. Nevertheless, the Court should allow other parties to open service bureaus to cater the needs of fellow lawyers.”

In Malay Mail’s subsequent article entitled “No more 5am queues to file lawsuits“, I was quoted stating the following:-

Foong Cheng Leong, the Kuala Lumpur Bar’s Information Technology and Publication Committee chairman, said issues that law firms in peninsular Malaysia faced in moving to a new online court filing system had caused the long queues.

During that period, the helpdesk for the online system was overflowing with requests for assistance, with many lawyers complaining that it was not picking up their phone calls, he said.

“I think the long queues at the e-filing service bureau is due to the sudden surge of requests to do e-filing. As many lawyers had problem migrating to the new system, they have no choice but to use the e-filing service bureau. This adds to the usual crowd of lawyers who did not subscribe to the e-filing system.

“The Court was unable to cope with the sudden surge of request and resulted in very long lines. The Court had to limit the number of people who could use the service otherwise their staff would be staying in Court past the normal working hours,” he told Malay Mail Online when asked to weigh in on the issue.

Here’s What You Should Know The Next Time Someone Asks For Your MyKad

I was featured in The Malaysian Digest’s article entitled “Here’s What You Should Know The Next Time Someone Asks For Your MyKad” on 22 February 2018.

If Your Identity Is Stolen, It May Be Difficult To Prove Your Innocence

Although the Private Data Protection Act 2010 (PDPA) that protects our data, which is collected for commercial purposes, from being misused by third parties has been enacted, there are limits to how far the law can protect us especially when our data is collected for non-commercial purposes, which is unregulated and open to abuse.

Foong Cheng Leong, founder of law firm Foong Cheng Leong & Co., relayed that when you simply give out your IC number to anyone asking, you are liable to have more of your information to be collected and can be used for social engineering such as creating a complete profile about you.

“With a complete profile, one can use it to obtain certain things like services, access to bank accounts, mobile numbers, financial information, email, buildings and further information etc.

“One can also use that profile to obtain information of another person e.g. a person close to you, for example, your spouse’s personal information,” he said.

And when our personal data and identity gets stolen, it may not be easy to prove and it will depend on the circumstances.

“But one would have to go through a difficult process of being investigated. He may be arrested, remanded, have his computers and mobile devices ceased, privacy invaded etc.” he said.

Although he has not had any cases involving IC number, he has come across cases involving the misuse of identity.

“I had one case where the employee was charged in Court under the Computer Crimes Act 1997 for unauthorised modification of content.

“His office account and internet account were used to delete a database of his employer. Fortunately, we managed to prove that it was not him who did it,” he said.

Foong also said that cases of identity theft are not just a few in the country, as he shared the most well-known case which is the case of Adorna Properties Sdn Bhd v Boonsom Boonyanit.

“The land owner lost her land after it was fraudulently transferred to a third party and subsequently sold to a bona fide purchaser – see https://asklegal.my/p/boonsom-boonyanit-adorna-properties-indefeasible-title-national-land-code-1. Note that the position of this law has changed – see http://www.skrine.com/better-late-than-never,” he shared.

He said that the best way to protect our data is by ensuring that it is always secure and that we control the circulation of our data.

When Businesses Use Your Photo Without Permission, Here’s What You Do

I was featured in Malaysian Digest’s article entitled “When Businesses Use Your Photo Without Permission, Here’s What You Do” on 24 January 2018 on what customers can do to protect their personal data. I said the following:-

Customers Need To Be Proactive To Protect Their Privacy

What then do we, as customers, can do to protect our privacy and what rights do we have as a civilian?

Foong Cheng Leong, founder of law firm Foong Cheng Leong & Co. and the Bar Council cyber law and information technology committee deputy chairperson, explained that when it comes to invasion of privacy, it depends on the scenario.

If it’s a photo taken in a public place with many other people like a group photo, it is unlikely an invasion of privacy nor it is anything unlawful.

“If the photo was a photo taken during the business transaction between the customer and the business, it could amount to a breach of Personal Data Protection Act 2010 or invasion of privacy. For example, a photo taken by a doctor of its patient during treatment.

“Also, if the photo belongs to the customer, it could amount to copyright infringement,” he said, while advising that it would be prudent to add a watermark to our photos.

And if we do find our photo being featured in advertisements without consent, we should write to the business asking them to remove it.

“They can also consider filing a complaint to the Personal Data Protection Commissioner for them to investigate the matter,” he advised.

When social media rants can land you in court

I was featured in The Star Newspaper’s article entitled “When social media rants can land you in court” on 5 January 2018 on the issue of reviewing a business online. I said the following:-

Meanwhile, Bar Council cyberlaw and information technology committee co-chairman Foong Cheng Leong told The Star that a person was free to post a review of a restaurant, on Facebook or elsewhere.

However, he said such a review should not be defamatory.

“Defamatory statements would mean the statement would expose the plaintiff to hatred, ridicule or contempt in the mind of a reasonable man, or would tend to lower the plaintiff in the estimation of right-thinking members of the public generally,” he said.

Nonetheless, Foong said sometimes it is hard to differentiate between what is defamatory or not.

“Generally, insults, negative reviews, or statements of opinion are fine. I can always say a restaurant food is terrible. It is fair comment.”

The interview by The Star Newspaper was a follow up of a decision by the High Court of Malaya in the case of Champ’s Express Heritage Sdn Bhd & Anor v Pak Loo Ke (Kuala Lumpur High Court Suit No. 23NCVC-94-12/2015). The High Court held that the Defendant had defamed the Plaintiffs when she published a posting on the 1st Plaintiff’s Champ’s Bistro, BSC. The Facebook posting had questioned the level of hygiene of the Plaintiffs’ food and also the 3rd Plaintiff, who is the founder of the 1st and 2nd Plaintiffs, among others. The same posting was made the Defendant’s Instagram account. The Defendant was a kitchen helper for 2 weeks before she published the alleged defamatory postings.

The Star Newspaper reported that the Plaintiff had succeeded in proving defamation, and the Defendant had failed in her defence of justification and fair comment.

Sugar Daddy and Sugar Babies Website – Is it illegal?

I was interviewed by The Star on the issue of legality of a local website that connects “sugar daddies” with “sugar babies”. In the article entitled “A raw nerve hit, but no laws broken“, I said the following:-

There is no law against couple matching services in Malaysia unless it is for prostitution or other illegal purposes, said Bar Council cyber law and information technology committee deputy chairman Foong Cheng Leong.

While the website’s service and users may be entering a moral grey area, Foong said “immoral doesn’t necessarily mean unlawful”.

“Payment for companionship is legal. This is unless the companionship falls under prohibited acts, which include prostitution and soliciting prostitution,” he said.

Foong was commenting on a Malaysia-based online dating platform which matches established, wealthy men or “sugar daddies” with women who are seeking financial support.

MCMC also said operating, providing and using an online service or application is not an offence under the Communications and Multimedia Act 1998.

“However, action can be taken if such a service is being used to disseminate illicit content such as obscenities, nudity, pornography and others,” it said.

Other enforcement agencies like the police may also pursue various actions under the relevant laws if there are elements of prostitution, extortion, blackmail and scams.

“Should consumers feel the app is inappropriate due to its content, they can reach out to the MCMC or the police. Investigations will be undertaken to assess if such contravene the existing laws.”

I was also interview by Digital New Asia on the same issue in their article “TheSugarBook – sweet endings or bitter disappointment?“. The relevant excerpts are as follow:-

One of the most-asked questions about TheSugarBook is whether or not such a service is legal.

“There is no law against couple matching services in Malaysia unless it is for prostitution or other illegal purposes,” says Foong Cheng Leong (pic, above), deputy chairperson of The Malaysian Bar’s Information Technology & Cyber Law Committee.

..

It must be pointed out that other popular dating apps such as Tinder or Grindr (a social networking app for LGBTQ people) could also have users who met on the app engaging in illegal activities outside of it. Many of these platforms do not enable users to report other users or have such strict regulations regarding user profiles as TheSugarBook does and it is quite usual for users to state on their profiles that they are only looking for casual sex.

According to Foong, such platforms should not be liable for what its users do outside the platform.

Though TheSugarBook does seem to be using discretion when it comes to ensuring no underage activity, none of these checks can actually guarantee that a user cannot lie their way through to a verified profile. A user could use someone else’s photo and enter their age as older, as they could on their Facebook profile, and a college student could very well be under 18.

However, being below 18 is not actually a legal requirement for registering a profile on a dating app in Malaysia. “Currently, there are no laws stipulating the minimum safety requirements of a couple matching platform,” says Foong.

“Assuming that a minor circumvents the age requirement and falsely pretends to be a person of 18 and above, I don’t think such platform would be doing anything illegal,” he continues.

BFM Podcast: LANDMARK #22: WHAT HAPPENS WHEN OUR PERSONAL DATA IS LEAKED

Late last year, it was reported that the private data of 46.2 million mobile phone subscribers were leaked sometime in the middle of 2014. All 14 telcos were affected in what is Malaysia’s biggest ever data breach. Explaining what this means for you and me is lawyer Foong Cheng Leong. He chairs the KL Bar’s Information Technology and Publications Committee.

Your browser does not support native audio, but you can download this MP3 to listen on your device.

SayaKenaHack.com and Privacy

Recently, tech blogger Keith Rozario created the website SayaKenaHack.com, a platform to allow people to check if they were affected by the data leakage of 46.2 million mobile phone subscribers. The website allowed users to key in their identity card number and the website will inform the users whether they are affected by the leakage. If they are affected, the website will yield a masked mobile number. Some users have complained that those masked numbers do not resemble their mobile numbers.

The Malaysian Communications and Multimedia Commission (MCMC), under s. 263 of the Communication and Multimedia Act 1998 (CMA), directed internet service providers to block the website SayaKenaHack.com on the ground that it had contravened s. 130 of the Personal Data Protection Act 2010 (PDPA).S. 263(2) of the CMA and s. 130 of the PDPA provide the following:

Section 263. General duty of licensees.

(2) A licensee shall, upon written request by the Commission or any other authority, assist the Commission or other authority as far as reasonably necessary in preventing the commission or attempted commission of an offence under any written law of Malaysia or otherwise in enforcing the laws of Malaysia, including, but not limited to, the protection of the public revenue and preservation of national security.

130 Unlawful collecting, etc., of personal data

(1) A person shall not knowingly or recklessly, without the consent of the data user-

(a) collect or disclose personal data that is held by the data user; or

(b) procure the disclosure to another person of personal data that is held by the data user.

(2) Subsection (1) shall not apply to a person who shows-

(a) that the collecting or disclosing of personal data or procuring the disclosure of personal data-

(i) was necessary for the purpose of preventing or detecting a crime or for the purpose of investigations; or

(ii) was required or authorized by or under any law or by the order of a court;

(b) that he acted in the reasonable belief that he had in law the right to collect or disclose the personal data or to procure the disclosure of the personal data to the other person;

(c) that he acted in the reasonable belief that he would have had the consent of the data user if the data user had known of the collecting or disclosing of personal data or procuring the disclosure of personal data and the circumstances of it; or

(d) that the collecting or disclosing of personal data or procuring the disclosure of personal data was justified as being in the public interest in circumstances as determined by the Minister.

(3) A person who collects or discloses personal data or procures the disclosure of personal data in contravention of subsection (1) commits an offence.

(4) A person who sells personal data commits an offence if he has collected the personal data in contravention of subsection (1).

(5) A person who offers to sell personal data commits an offence if-

(a) he has collected the personal data in contravention of subsection (1); or

(b) he subsequently collects the personal data in contravention of subsection (1).

(6) For the purposes of subsection (5), an advertisement indicating that personal data is or may be for sale is an offer to sell the personal data.

In the Personal Data Protection Commissioner Khalidah Mohd Darus’s media statement dated 17 November 2017, the Commissioner stated that SayaKenaHack.com was blocked because it had contained personal data which had been collected without the consent of the data user pursuant to s. 130 of the PDPA. The Commissioner then advised members of the public to be vigilant when sharing personal data with others, among others.

Unfortunately, Keith Rozario decided to close SayaKenaHack.com upon being blocked. It would be interesting if he had filed an action to challenge the blocking order. So far, there is no reported case on anyone challenging a “blocking order” by MCMC in Court.

There ought to be checks and balances against such blocking order. Under the s. 10A of the Sedition (Amendment) Bill 2015, the Public Prosecutor must make an application to a Sessions Court Judge to direct an officer authorised under the Communications and Multimedia Act 1998 to prevent access to any seditious publication. Likewise, s 263 of the CMA should be amended to reflect such checks and balances.

I was interviewed by The Star, on my personal capacity (not on behalf of Bar Council, as earlier reported by The Star), on this issue. In The Star’s article dated 18 November 2017 entitled “SayaKenaHack.com only provides information, does not allow data download“, I was asked whether SayaKenaHack.com was in contravention of s. 130 of the PDPA. I replied:-

SayaKenaHack.com did not breach Section 130 of the Personal Data Protection Act 2010 (PDPA), says the Bar Council cyber law and information technology committee.

The committee’s co-chairman Foong Cheng Leong said the website was merely a platform for users to check whether their personal data had been leaked or breached.

“Currently, the Malaysian Communications and Multimedia Commission (MCMC) is blocking the website for breaching Section 130 of the PDPA for unlawful collection of personal data.

“If the website allows people to download the personal data of others, then it will be a violation of PDPA.

“Therefore, the website did not violate the PDPA,” he said when contacted yesterday.

In The Star’s article dated 31 October 2017 entitled “M’sia sees biggest mobile data breach“, I added:-

“..assuming that the leak was after the enforcement of the Personal Data Protection Act 2010, there might have been a breach of the Act’s Security Principle by the data users.

The Security Principle requires data users to process personal data securely, but there is not much customers can do other than file a complaint with the Personal Data Protection Commissioner

There may be a recourse against the telecommunication companies for negligence i.e. failing to ensure that the subscribers’ personal data are adequately protected. In an article dated 20 November 2017 in The Other, I said:-

For Malaysians looking for legal recourse in light of the mass data breach, Foong Cheng Leong, a lawyer specialising in cybersecurity law, says it is possible. “If they have the evidence to show that the telco was the source of leak and they had been negligent.”

Currently, a company is now being investigated for causing the said personal data protection leakage.

On a separate issue, in The Star’s article dated 26 November 2017 entitled “Going full force to enforce Act“, the Personal Data Protection Commissioner stated that 3 companies have fined for contravening the PDPA.

The Commissioner added that mobile applications are not required to be registered under the PDPA. But the operators must comply with the PDPA since they process personal data in commercial transactions.

I was asked to comment on this issue. I said:-

..an individual has a right under the PDPA to request a copy of the personal data processed by the data user.

“You also have a right to withdraw your consent in allowing your personal data to be processed by a data user.

“However, the data user has the right to refuse the request to delete the data if they are required to process such information by law,” he says.

Foong urges the public to always be aware of what companies will use their data for by reading the privacy policy.

“Online users should also be vigilant in what data they provide. If it isn’t necessary, online users need not give such data,” he says.

Withholding Tax Exemption on Payment to Non Residents For Technical Advice, Assistance, etc

The Minister of Finance has granted withholding tax exemption (WHT) on payments to non-residents that fall within Section 4A(i) and (ii) of the Income Tax Act in respect of offshore services via the Income Tax (Exemption) (No. 9) Order 2017.

In effect this reverts to the previous position, such that intellectual property services (such as trade mark, industrial designs and patent registrations) provided and performed from 6 September 2017 by a foreign intellectual property agent outside of Malaysia will be exempt from WHT.

Seminar on GET WIRED! Updates on Tech Laws and Cyber Security (24 Aug 2017)

The Bar Council Information Technology and Cyber Laws Committee is organising a seminar focusing on the important aspects of information technology (“IT”) and cyber law on 24 August 2017.

In this seminar, I will speak on the topic of “Practical Steps in Tracing a Person Online“. I will speak on keyword search investigation, and discovery orders and cases relating to discovery orders against data processors.

The other topics would be “Search and Seizures of Computers — Advising Clients” by Ravin Vello, “Wrap n Snap: Technology IP Mash-up” by Suaran Singh and “Overview of Malaysian Cyber Laws and Latest Updates” by Deepak Pillai.


Click on image to enlarge

You may register for the event at here

LegalHack Series: How to download files from the Malaysian e-Court File System (Phase 2)

[Edited on 13 December 2017]

In 2016, I posted an article entitled “LegalHack Series: How to download files from the Malaysian Court Online File Search System” (“LegalHack Case Search No. 1“). With the introduction of the new e-Court system (Phase 2), the said search method is no longer usable.

Instead of introducing a new and effective way for users to conduct file search, the new system followed the old method. A user is still required to pay a fee (RM8 and RM12 for a file search in the Subordinate Courts and High Court respectively) and the user is only given 30 minutes to do the search. It is baffling why the Court could not roll out a one-off fee to allow users to download every file instead of forcing them to view them online (ie on their browser). User will have to print the page one by one if they want to have a copy on their computer. This is fine if the document does not have many pages. However, there are a few good features introduced on this new system. For example, the timer will stop if you are loading a page, and Court issued documents (e.g. letters) can also be viewed.

For larger files (20 pages and above), it would be more time efficient to download the entire document rather than printing it one by one. Under the old efiling system, I could download a large amount of files within 30 minutes using the LegalHack Case Search No .1. Nevertheless, it is still possible to download files using Phase 2 but it is slightly more complicated.

I found one possible way (which requires no scripting or complicated software) to do so (click images below to enlarge).

The steps are as follow:-


Step 1: Purchase a Token at https://ecourtservices.kehakiman.gov.my/.


Step 2: Go to the File Search Page. Enter the token code and suit number thereafter.


Step 3: At the Case Information page, click on Document Listing.


Step 4: Choose the file you want and open it. Instead of loading the page one by one and allowing the timer to run, obtain the Serial Number (S/N) of the file at the bottom of each page.


Step 5: Once you obtain the Serial Number, go to the “Pengesahan Dokumen” page at the eCourt website. Enter the Serial Number and click on “Sahkan”. If the Serial Number is correct, you will be able to view the file without a running timer.


Step 6: Each page of the file will load when you scroll to that page. You will need to ensure that every page is full loaded before you do the next step otherwise you will have an empty page.


Step 7: Once all the pages are loaded, right click on the page and click on “Save As”. Save the entire page into a folder of your choice.


Step 8: Then go to the folder “Pengesahan Dokumen_files” and find the file “Viewer.html”. Copy and paste the file “Viewer.html” to another folder.


Step 9: Open the Viewer.html file using your Chrome browser. The file you open now will only show some buttons on the top left side and the content of the file in PNG format.


Step 10: Instead of downloading the PNG files one by one and merging them into a single file, you can save them all into one PDF file by printing the page into PDF (Ctrl + P). Choose “Save as PDF” or any PDF maker of your choice (e.g PDF24 or doPDF). Under More Settings, choose Paper Size A1 and Margins: Default. By saving it in this manner, you will have a nicely formatted PDF file. If the file is not properly formatted, you can change the Paper Size and Margins to get the right fit.

Tips:
1. Save all the files you need before converting them to PDF.
2. You may need a slightly powerful computer to convert the files into PDF as some files that you download may be very large. I had a 2 Gigabyte file from a 400 page affidavit. However, you can breakdown the conversion of the files by setting the system to print 50 or less pages per print.

Known Bugs:-
1. The eCourt system timer may reset to 0 while doing a file search. You will have to email the eCourt Helpdesk for assistance otherwise you will should purchase another token.
2. If there are two or more cases which have the same suit number (e.g. in Kuala Lumpur and Selangor Court), you will be automatically directed to one case and you have no option to choose another case.

1 2 3 26  Scroll to top