Monthly Archives: January 2013

Trial by Facebook

I was featured in The Star newspaper in their article entitled “Trial by Facebook” in January 2013.


Trial by Facebook
Posted: 11th January 2013 by R.AGE in Stories

By KEVIN TAN and ANGELIN YEOH
alltherage@thestar.com.my

MANY memes and posts go viral on the Internet every week, from harmless Chuck Norris jokes to the more factious Relatable Romney photos. Last week, it was a set of Facebook photos of a 13-year-old alleged rapist – complete with the boy’s full name, MyKad number and address.

One of the photos was accompanied by a description, written by the man who posted it, claiming the boy had allegedly tried to rape his girlfriend at a petrol station in Malacca. The alleged victim also posted a detailed account of the incident.

The post quickly went viral, appearing on various online forums and social networks even before the boy was charged in court. The police probe into the incident had not even begun.

One Facebook user commented: “Show the (boy)’s face! Embarrass him! And I guess most of us already saw his face!”

Another one added: “It can only get worse from here on. Well we all got this kiddo’s home address, lets go protest and harass the family. The apple doesn’t fall far from the tree.”

Though the boy was eventually charged after a police investigation (and will now face a magistrate court), questions have to be asked on why so many social media users decided to share the photo – even though the case was not verified at the time, and involved the naming and shaming of a minor.

According to lawyer Foong Cheng Leong, the Kuala Lumpur Bar Council’s IT committee co-chairman, the act is firmly against the law.

“Under Section 15 on Child Act 2001, whenever anyone under the age of 18 is concerned; no mass media should disclose information related to the name or whereabouts of a child who is implicated in any offence,” he said.

Anyone found to have committed the offence of circulating an image or personal details of an underage suspect would be liable to a hefty fine, a prison term of not more than five years, or both.

Even now, photos showing the boy’s face are still all over the Internet. A comic artist even created his own “poster” using the photos, describing his anger at the incident. The poster was uploaded to the artist’s Facebook page a day after the incident, and has been shared nearly 30,000 times.

There have been several high profile incidents involving reckless dissemination of sensitive information over the Internet in recent weeks. A student in Kerala, India was wrongly identified through a photo on Facebook as the victim of the brutal New Delhi gang rape case. Her parents filed a complaint with the police over the incident.

Before that, Ryan Lanza hit out on Facebook after he was mistakenly identified as the gunman involved in the Sandy Hook Elementary School shooting in Connecticut, US. His brother Adam was later revealed to be the gunman.

So, is the “Facebook mob” getting out of control? Is the quest on social media to raise awareness about crime slowly descending into anarchy?

Viral vigilance
For digital media expert David Lian, the Asia-Pacific digital lead for PR firm Text100, incidents like these are just an unfortunate result of the speed of the Internet.

“I don’t think any of these incidents were done maliciously. It’s just so easy to share things on social media now. A friend of mine shared something about a scam this morning, and I shared it too.

“It’s a normal reaction. Not everyone will have the resources to verify the stories, but when you feel it’s a life or death kind of thing like with crime, you just share it,” he said.

Indeed, Facebook posts about harrowing encounters with criminals tend to go viral quite easily these days.

In August last year, three men armed with machetes broke into Eric Lim’s family home in Serdang, Selangor. He rushed home from his office to find blood splattered all over the living room floor, as his brothers and mother who were home at the time had put up a fight.

Lim, 25, used his mobile phone to take pictures of the scene, which he uploaded to Facebook along with an account of what had happened.

Initially, he received a lot of well wishes from family and friends, never expecting the post to go viral. But in just a matter of weeks, the post received over 1,700 shares, and he was getting well wishes from complete strangers.

“When I posted those images and my story, it was all about raising awareness among my friends. I wanted them to know what happened, to hear my account first-hand. Hopefully, that will inspire them to be more vigilant.”

Marketeer Chin Xin-Ci, 26, understands this phenomenon better than most, being the publisher of one of the first high-profile viral crime stories. Chin was the victim of an unsuccessful kidnapping attempt in May last year, and her Facebook post detailing the experience got more than 10,000 shares in a matter of hours. The story became national news.

“When I first shared on Facebook that I had been robbed and almost kidnapped (this was just a couple hours after the incident), quite a number of my family members and friends were worried . So I thought I’d just write the note as a cathartic release, and also I wouldn’t have to repeat myself to every friend I meet,” said Chin.

Chin added when she wrote the note, she remembered what a policeman at the scene mentioned to her.

“A police officer told me I was lucky to have escaped. So as I wrote the note, I thought ‘maybe the thought process that helped me get away might help someone in the same situation?’”

A Facebook page called PJ Community Alert (facebook.com/community.alert) now compiles and shares posts like Lim’s and Chin’s to keep the public vigilant and help nab the perpetrators.

Foong however, is still worried about how often people are now sharing crime-related information without “verifying the facts”.

“Sometimes a social media posting could be defamatory in nature. It could be distressing for a person’s professional and personal life if others were to go around circulating such false information about the person,” he said.

Digital culture writer and consultant Niki Cheong believes most social media users still do not understand the ramifications of their actions.

“People are not aware of the laws. Protecting the identity of minors, for instance, is something journalists are familiar with. But now everyone is a publisher, but not everyone is equipped with this education or knowledge,” he said.

Another important issue, according to Cheong, is the blurring of “social ties”.

“Offline, our social networks are a bit more restrained. We are selective of our friends. We categorise them with labels like ‘acquaintances’, and we use these markers to help evaluate what they say – can we trust this person, where did she get this information, etc.

“It’s different online. we have become less invested in who our friends are, and we know less about them. Is he or she a gossip? Is he or she credible? Because we don’t have this background knowledge with which to evaluate online information, our judgement is affected,” he added.

Nevertheless, Chin hopes to prove that this viral effect can be used not only to warn others about danger, but to inspire kindness as well.

“After I shared my experience, a ‘crime-story-sharing’ trend kind of started on Facebook. It got a bit depressing after awhile. My friend, Khai Yong, actually came to me with an idea to start spreading good stories instead,” she said.

The idea became The Kindness Project, a Facebook page that shares inspiring stories of kindness from Malaysians.

“We want to remind Malaysians online that while there is a lot of bad in this world, there is hope as Malaysia is filled with tonnes of kind people, and we can all make a difference in our own way.”

Protecting your Intellectual Property Rights in Malaysia

This article was published in the December 2012 issue of The Bridge, a quarterly magazine published by the Malaysia Canada Business Council.


In this article, Mr. Foong Cheng Leong briefly sets out the intellectual property rights protected in Malaysia.

Foong Cheng Leong is an Advocate and Solicitor of the High Court of Malaya and also a registered Malaysian trade mark, industrial designs and patent agent. He is also the co-Chairman of the Kuala Lumpur Bar Information Technology Committee and a member of the Malaysian Bar Council Intellectual Property Committee.

The recognition of intellectual property rights in Malaysia started as early as the 1800s during the Straits Settlement days. As the years go by, laws to protect intellectual property rights were expanded. Malaysian intellectual property laws are fairly similar with the laws of other Commonwealth countries and more or less in accordance with international practice.

Trade Mark

A trade mark is an important asset for all businesses. It consists of a device, brand, heading, label, ticket, name, signature, word, letter, numeral or any combination thereof. It provides their owners with the legal right to prevent others from using an identical or confusingly similar mark.

In Malaysia, the laws that govern trade mark rights can be found under the Trade Marks Act 1976 and Trade Marks Regulations 1997. Trade mark proprietors can choose to protect their marks through the process of registration. This gives the registered proprietors exclusive right over the trade marks thus allowing them to take legal action against anyone who infringes their rights.

The trade mark registration process is administered by the Intellectual Property Corporation of Malaysia (also known as MyIPO. Website at www.myipo.gov.my ). Prior to filing an application, an applicant is advised to conduct a search at the Trade Mark Register to determine whether there are any identical or similar trade marks that were filed. Such search would be useful to the applicant to determine whether to use or file their trade mark in Malaysia.

Further, when deciding whether to register a mark in Malaysia, one must ensure that the mark is distinctive. A distinctive mark means a mark that is capable of distinguishing the goods or services of the proprietor from other traders.

The registration process in Malaysia normally takes about 1 to 2 years. Upon registration, the proprietor will be issued a Certificate of Registration valid for ten (10) years and it is renewable every ten (10) years.

Copyright

Copyright protects various type of works such as literacy works which covers novel, lyrics, articles, computer program and so on; dramatic works such as dance choreography; artistic works such as paintings, photographs or any logos, drawings; musical works; recordings; broadcasts and finally, layouts. However, it does not cover procedures, methods of operation or mathematical concepts as such. The law regarding copyright protection in Malaysia can be found under the Copyright Act 1987.

Effective from 1 June 2012, it is possible to make a notification of copyright under the Copyright Act 1987 and Copyright (Voluntary Notification) Regulations 2012 with MyIPO. A notification of copyright can be made by the author of a work, the owner of the copyright in a work, an assignee of the copyright or a licensee of an interest in the copyright.

The notification of copyright will be prima facie evidence of copyright and is useful when dealing with copyright infringement proceedings.

Industrial Designs

Industrial designs right is an intangible right to the features of shape, configuration, pattern or ornament applied to an article by any industrial process or means, being features which in the finished article appeal to and are judged by the eye. Industrial designs law is governed by the Industrial Designs Act 1996 and Industrial Designs Regulations 1999 in Malaysia.

However, industrial design does not include the method of construction of the device or features of shape or configuration of an article which are (1) dictated solely by the function which the article has to perform, or (2) dependent upon the appearance of another article of which the article is intended by the designer to form an integral part.

An applicant may file an application to protect their rights with MyIPO. It must be highlighted that the applicant must file their industrial design first before they could disclose the same e.g by way of sale to the public failing which the design will not be considered as new.

A registered industrial design is given an initial protection period of 5 years from the date of filing and is renewable for a further two consecutive terms of 5 years each.

Patents

Patents are grants given to owners by the government which give the owner an exclusive right over the invention that they have created. Invention can cover product or processes. The protection also gives the owner the exclusive right to stop others from manufacturing, using and/or selling the owner’s invention in Malaysia without the owner’s consent or permission.

For the invention to be patentable, it needs to be new, involves inventive steps and industrially applicable. A “minor invention” can also be as an utility innovation granted provided that it is new and industrially applicable.

A patent and utility innovation can be protected by filing an application with MyIPO. A patent is protected twenty (20) years from the date of filing and a utility innovation is protected with an initial period of ten (10) years and is renewable for a two consecutive terms of five (5) years each.

Malaysia has acceded to the Patent Cooperation Treaty thus the PCT international application can be filed at MyIPO where MyIPO is acting as the Receiving Office for the international filing of PCT application.

Geographic Indications

A geographical indication helps to indicate the geographical origin of certain goods and possess unique qualities or characteristics that essentially represent the good’s place of origin. Basically, it points to the place where the goods or the characteristics of the goods are originated from. In Malaysia, “Sabah Tea’, ‘Tenom Coffee” and “Borneo Virgin Coconut Oil’ are registered geographical indication.

Only producers carrying on their activity in the geographical area specified in the Register shall have the right to use a registered geographical indication in the course of trade. The right of use be in respect of the products specified in the Register in accordance to the qualify, reputation or characteristic specified in the Register.

The current law in Malaysia that governs the protection of geographical indications can be found under Geographical Indications Regulations 2001.

Applicant can register geographic indications with the MyIPO. However, if the geographic indications are not found in Malaysia, then an agent shall be appointed in Malaysia. A registered geographical indication is given ten (10) years of protection from the date of filling and is renewable for every ten (10) years.

Confidential Information

Confidential information in this context usually means any information that is kept private and is not disclosed to the public. For examples, any new product design, trade secrets, software, business information, marketing strategy and so on.

There is no formal registration process for confidential information in Malaysia. It is possible to sue parties for breach of confidence.

Conclusion

All businesses that wish to invest or trade in Malaysia should consider registered their rights in Malaysia. As Intellectual Property rights are generally territorial, one should take all steps to secure their rights before investing or trading. For example, if a foreign entity discovers that a local company is trading in the same trade mark as the former and earlier than the former in Malaysia, the former should consider using another trade mark or purchase the said trade mark from the latter provided that there is no element of misappropriation.

The author would like to acknowledge Lim Chia Ann for her assistance in preparing this article.

PDPA: Businesses have responsibilities and burdens

I was invited to contribute to a monthly column in Digital News Asia which I named it as Bread & Kaya. The column will have legal news relating to intellectual property, cyberlaws, franchise, data privacy and the like.

My first article “PDPA: Businesses have responsibilities and burdens” was published on 31 December 2012.



Dec 31, 2012

  • PDPA comes into force Jan 1, 2013, and companies have three months to comply
  • Many have waited, and now may not have enough time to processes in place
  • Bread & Kaya by Foong Cheng Leong

    WELCOME to the inaugural Bread & Kaya column! The term is a Malaysianized version for bread-and-butter. This column aims to be your bread-and-kaya serving of legal news relating to intellectual property, cyberlaws, franchise, data privacy and the like.

    You may have read some of my articles in The Star’s Putik Lada column or in LoyarBurok. If this is the first time you’re reading my articles, “Hello.”

    Without a doubt, 2013 will be an interesting year for businesses. Many new laws and regulations will be introduced, and the Personal Data Protection Act 2010 (PDPA) is one of them.

    It was reported that the PDPA would come into force on Jan 1, 2013. Businesses have three months from the date of enforcement to comply with the Act. Similarly, Singapore will have its own Personal Data Protection Act 2012 coming into force on Jan 2, 2013.

    Notwithstanding the reported enforcement date of Jan 1, 2013, there is no official government gazette confirming this as I write this column. Thus, the PDPA would still not be in force until such a government gazette is published.

    What is the PDPA?

    The PDPA provides that any information that directly or indirectly relates to a data subject (i.e. individual) who is identified or identifiable from that information, is personal data. This information may take various forms, such as your name, passport number, telephone number and email address.

    A person who processes personal data is called a data user. Companies processing individual customers or employees’ personal data must comply with the PDPA.

    Under the PDPA, a data user, in processing personal data, must comply with the following principles:

    (1) General Principle;
    (2) Notice and Choice Principle;
    (3) Disclosure Principle;
    (4) Security Principle;
    (5) Retention Principle;
    (6) Data Integrity Principle; and
    (7) Access Principle.

    Failure to abide by any of the above principles amounts to an offence. Upon conviction, the data user is liable to a fine not exceeding RM300, 000 or to imprisonment for a term not exceeding two (2) years or to both (S. 5(2) PDPA).

    [RM1 = US$0.33]

    Under these principles, the collection and use of personal data must be consented to by the data subject and steps must be taken to ensure that the data is stored securely. The processing of personal data cannot be excessive in relation to the purpose or related purpose of which the personal data is collected.

    Adequate notice must be given to data subjects that their personal data will be processed, used, and the purpose of the same. Such notice must be in writing and in the Malay and English languages. Personal data no longer in use has to be destroyed.

    Further, personal data cannot be transferred outside Malaysia unless such a place is specified by the Government, consented to by the data subject, or is necessary for the performance of a contract between the data user and the data subject.

    The PDPA only applies to personal data processed in relation to “commercial transactions.”

    What do you need to do?

    If you are processing employees or individuals customers’ personal data, you are advised to, among others:-

  • Access how the PDPA affects your organization;
  • Prepare a privacy notice, in Malay and English, to be issued to potential and current employees or customers;
  • Prepare a Personal Data Policy to govern the processing and handling of personal data by employees;
  • Prepare a Retention Policy for employees or customers’ personal data and audit the personal data of previous employees or customers in order to dispose personal data that are no longer in use;
  • Establish a data access procedure for employees or customers to access their personal data;
  • Ensure that the storage of the employees and customers’ personal data is secure;
  • Ensure that personal data is only disclosed for the purpose in which the personal data is collected and not disclosed to unrelated parties;
  • Ensure that the relevant personnel such as Human Resource or customer relationship staff are adequately trained in data protection laws and practice;
  • Review data collection forms so that personal data is not collected excessively; and
  • Ensure that personal data are transferred overseas lawfully.
  • Consent

    The word consent is not defined in the PDPA. However, in early December 2012, Deputy Minister of Information, Communications and Culture Datuk Joseph Salang announced that “whenever consent is required for data processing, it’ll have to be given expressly rather than impliedly or be assumed.”

    This would mean that there must be some sort of active communication between the parties. For example, if a company wishes to obtain more information about an individual, the former would need to get the individuals’ express consent by contacting the individual.

    In this regard, all companies will need to ensure that all possible purposes for processing the personal data are set out before the collection of the data. Additional procedures may need to be established to ensure consent is captured.

    Express consent can be gained in a variety of ways — for example by filling in a form, ticking a box on a website, over the phone and face-to-face.

    Although express consent seems to give individuals added protection, this is not necessarily true. Malaysia’s restricted view on the definition of consent will have an impact on businesses and individuals. Additional cost will be incurred in establishing new procedures and practices such as new forms, storage, impact analysis and compliance exercises. Individuals may also be swamped with requests for consent from time to time, although the individual would ultimately consent.

    Companies will need to wait for individuals’ express consent before they can roll out new projects.

    To give an example on how the PDPA will affect business:

    Company X wishes to roll out a new security system to enter the office. The system utilizes the employees’ personal data as unique identifiers. In view of the express consent requirement, Company X will need to get the employees’ express consent to use employees’ personal data. If certain employees refuse to do so, such system cannot be fully utilized.

    In the event that a data subject disputes that express consent had been given, the data user will need to show that express consent had been given. Assuming that we adopt the implied consent regime, it is arguable that a data subject had implied consent to processing of personal data if the data subject uses the data user’s services.

    However, with express consent, evidence must be provided and this may be difficult, especially in electronic transactions.

    In such a case, Section 114A of the Evidence Act 1950 may be helpful to data users as it puts a presumption of publication by a person if his or her name appears on a particular content. The affected individual will need to prove that he did give express consent. This may be costly, highly bureaucratic and time consuming.

    Closing

    The PDPA is supposed to bring an end to unsolicited communication, but it will cause drastic changes to Malaysian businesses.

    Much valuable commercial data will be lost due to the PDPA. It is noted that many Malaysian industries had taken the wait-and-see approach. This is alarming considering that three months to comply with the PDPA will probably be not enough.

    The Personal Data Protection Department recently issued Malaysian Personal Data Protection Department’s Public Consultation No. 2/2012 entitled “Class Of Data User Under The Personal Data Protection Act 2010 And Proposed Fees” which sets out the class of data users that is required to register with the Commission. [Click here to download].

    The release of such consultation paper is commendable. I hope that the Commission or the Personal Data Protection Department will issue more of these consultation papers and guidelines on the interpretation of the PDPA.

     Scroll to top