Bread & Kaya 2023: Noteworthy cyberlaw cases in 2023

  • The unreliability of metadata and poison pen letters
  • Beware use of the thumbs up and other such emojis
  • Parameters by Jawatankuasa Fatwa Negeri Selangor to be followed if dealing with Bitcoin
  • Not a defence for an accused to claim that they did not know that the victim is a child

2023 was the year where many lawyers started to experiment with ChatGPT in their legal practice. In fact, some parts of this article were drafted with the assistance of ChatGPT where I had used it to summarise my cases below. However, many parts were imprecise and had to be corrected.

These cases are additions to the new edition (2nd edition) of my upcoming textbook, Foong’s Malaysia Cyber, Electronic Evidence and Information Technology. The case summaries were originally written in detail for the textbook but with the help of ChatGPT, it halved the original text and made them easier for lay people to read.

The use of ChatGPT by lawyers however had not attracted positive use.

In the American case of Mata v. Avianca, Inc  (1:22-cv-01461). The United States District Court found that the attorney in charge and his law firm had “abandoned their responsibilities when they submitted non-existent judicial opinions with fake quotes and citations created by the artificial intelligence tool ChatGPT, then continued to stand by the fake opinions after judicial orders called their existence into question”.

Essentially, the attorney had submitted a document with purported judicial cases that were generated with the help of ChatGPT but these judicial cases did not exists. The Court issued a show cause notice to him. He and his firm were sanctioned by the Court and fined US$5,000 (RM21,892), among others.

This later led to some US Courts imposing restrictions on the use of generative artificial intelligence. One example is where United States District Court for the Western District of North Carolina imposed the requirement of filing a certificate with any brief or memorandum submitted to the Court stating that no artificial intelligence was employed in doing the research for the preparation of the document, with the exception of such artificial intelligence embedded in the standard on-line legal research sources, among others.

Anti-stalking law bites

The anti-stalking law introduced last year under s. 507A of the Penal Code had its first bite when one Mohamad Safiq bin Rosli (Shah Alam Magistrate Criminal Case No. BA-83-1937-08/2023)) was charged with allegedly stalking one Acacia Diana who had highlighted her ordeal on the social media platform X. Her story became viral, and this led to an arrest and charge of the accused. He was later found to be of unsound mind and acquitted and discharged and placed and detained at the pleasure of the Sultan of Selangor under s. 348 of the Criminal Procedure Code.

[Ed: At the pleasure of the Sultan means a prison sentence that does not have a set length and the prisoner can be released at the discretion of the Sultan.]

Defamation

Based on the number of cases filed in the Court assigned code for defamation cases (i.e. 23CY and B53CY), there were at least 103 defamation cases filed in the Klang Valley. However, the number of cases should be greater as some of these cases were not filed in the said Court assigned codes.

[Ed: Cases are focused on those filed in the Klang Valley as it is not easy to trace the numbers for other courts.]

In Sundra Rajoo Nadarajah v Leaderonomics Sdn. Bhd. & Anor (2023) 5 MLRH 284, the plaintiff, a respected arbitrator and former Director of the Asian International Arbitration Centre (AIAC), sued the defendants for defamation after an anonymous “Poison Pen Letter” was published, which went viral and significantly harmed his reputation and career. The plaintiff alleged that the defendants were responsible for the letter’s publication.

To identify the author of the Poison Pen Letter, the plaintiff employed IT forensic experts who analysed the metadata of the Microsoft Word document (“MACC.docx”) version of the poison pen letter. They found that the username associated with the document was “Leaderonomics,” the name of the 1st defendant. However, the defendants contested this evidence, arguing that metadata can be edited and manipulated, and thus, it was unreliable for proving authorship.

The 2nd defendant, alleged to be involved in the publication, had passed away before the trial, so the case against him was withdrawn. The plaintiff also invoked s. 114A(3) of the Evidence Act 1950, which presumes that whoever has control of a computer from which defamatory content originates is considered the publisher, unless proven otherwise.

The High Court ruled that while the metadata suggested “Leaderonomics” as the author, this alone was not sufficient evidence to prove authorship. The plaintiff’s own expert witness admitted that the poison pen letter itself cannot establish or prove which computer, server, account or IP address that the file originated from. The metadata properties do not prove the identity of the actual user behind the username “Leaderonomics”.

Additionally, the court found that the 1st defendant, being a corporate entity, could only be held liable if it was proven that an authorized employee had published the letter, which was not adequately pleaded by the plaintiff.

Regarding section 114A(3), the court acknowledged that the presumption could apply to the 1st defendant if it had control over the computer used to publish the letter. However, the defendants successfully rebutted this presumption by demonstrating that the 2nd defendant had custody of the laptop from which the letter was published.

Consequently, the High Court dismissed the plaintiff’s claim against the 1st defendant with cost.

Defamation suit by business against online users is a common occurrence these days. In Loh Li Sze v. Eugene Chong Haou Inn & Anor [2023] CLJU 1620, the parties were involved in a dispute over the sale of frozen seafood by the plaintiffs to the defendant over Facebook Live. The defendant was dissatisfied with the weight and size of the seafood and the plaintiffs eventually refunded the money paid for the frozen seafood. However, the frozen seafood was never returned.

This led to publication of 3 viral Facebook postings by the defendant that essentially said that the plaintiffs had cheated her. The defendant also urged her followers to viral one of the postings. The plaintiff filed the suit in the Sessions Court. The defendant claimed the defence of fair comments and justification.

The Sessions Court found that the postings to be defamatory and the publications were actuated by malice. The Sessions Court granted US$11,425 (RM50,000) damages.

The High Court declined to interfere with the findings of the Sessions Court as it was not shown that the Sessions Court was plainly wrong in arriving at its decision. As long as the Sessions Court’s conclusion can be supported on a rational basis in view of the material evidence, the fact that the appellate Court feels like it might have decided differently is irrelevant.

In addition, the High Court said that reading the melodramatic postings and the defendant’s numerous urgings to her followers to viral her postings the defendant’s motive was clearly to solicit more followers through her postings and she was delighted in gloating on the plaintiffs’ predicament. There is basis for the Sessions Court judge to find malice based on the testimonies of the witnesses and certain postings of the defendant.

Further, the postings by the defendant that the plaintiffs are cheats are not comments on facts but a statement of fact. Therefore, the defence of fair comment is not available to the defendant. In addition, the defendant failed to state which of her words are comments and which are facts as required under the law.

The defendant also argued that the plaintiffs suffered no losses. The High Court held that this is a frivolous defence. The express averment of cheating entitles a party to damages without the need of proof.

Can “emojis” be used to signify an agreement?

In the Canadian case of South West Terminal Ltd. v Achter Land & Cattle Ltd  (2023 SKKB 116), the Court dealt with the question of whether a thumbs-up emoji “👍” by the defendant in response to the plaintiff’s request to confirm the terms of a contract sent by way of an electronic message. The plaintiff had signed the contract and took a photo of the contract before texting it to the defendant. The defendant argued that it was simply to confirm that he had received the contract. The defendant was later cross examined on the use of the thumbs-up emoji.

The Court referred to the dictionary meaning of a thumbs-up emoji which meant “it is used to express assent, approval or encouragement in digital communications, especially in western cultures” and took judicial notice of the same.

The Court held that there was a contract between the parties. The Court looked into the circumstances leading to the conversation and those circumstances supported the plaintiff’s version. The Court also held that thumbs-up emoji is an action in electronic form that can be used to allow to express acceptance as contemplated under the Canadian Electronic Information and Documents Act, 2000, SS 2000, c E-7.22.

The defendant argued that a simple thumbs-up emoji to signify identity and acceptance would open up the flood gates to allow all sorts of cases coming forward asking for interpretations as to what various different emojis mean. The Court held that the “Court cannot (nor should it) attempt to stem the tide of technology and common usage – this appears to be the new reality in Canadian society and courts will have to be ready to meet the new challenges that may arise from the use of emojis and the like”.

In our local case of SG Home Style Sdn Bhd lwn. Ng Kim Lian [2023] SMCU 46, the Magistrate held that the OK gesture emoji “ ” made by the defendant to the plaintiff in a WhatsApp conversation amounted to an agreement to an attendance fee. The learned Magistrate took judicial notice of the contents of the Wikipedia post for OK gesture stating that in most English-speaking countries, it denotes approval, agreement, agreement and that all is well or okay. The learned Magistrate also combed through the WhatsApp conversation between the defendant and plaintiff’s witness and found that defendant habitually reply to the plaintiff’s witness with the same emoji to answer the plaintiff’s messages.

However, in the High Court case of CC Land Resources Sdn Bhd & Anor v. Geo Win Sdn Bhd [2023] CLJU 1206, the High Court held that an emoji sent by way of a WhatsApp message between the parties is insufficient to amount to unequivocal admission by the defendant. The emoji, as explained by the defendant’s witness, is merely to indicate that he has taken note of the request, and he still requires approvals from his other partners.

In view of the above cases, the fact that an emoji to signal an agreement is used does not invalidate a transaction. The Court must keep up with technology and the way our society does its business. It is a form of electronic message and thus falling within the definition of “writing” under section 3 of the Interpretation Acts 1948 and 1967 and “electronic message” under the Electronic Commerce Act 2006.

It is submitted that in determining whether an emoji amount to an agreement to a certain term, the Court may look into the type of emoji that was being used (e.g. a thumbs-up or an OK gesture),  history of how the sender uses the emoji in the same conversation and the surrounding circumstances.

Online proceedings

Many Courts are now calling back lawyers to attend Court physically especially for trials. In the beginning of 2024, the appellant courts converted many of their online hearings to physically hearings. Online hearings are now things of the pandemic years. Nevertheless, there are still Court cases dealing with the effects of the pandemic to cases.

In Binary Group Services Bhd v Karen Yap Chew Ling [2023] 7 CLJ 534, High Court dismissed the defendant’s application for the ongoing trial to be conducted via remote communication technology. The defendant, unable to return to Malaysia from Cyprus due to health concerns amidst the Covid-19 pandemic, sought multiple adjournments which were granted by the Court.

On the final trial date, the defendant did not appear, and despite requesting another adjournment, her counsel eventually closed her defence. The Court dismissed the application for remote communication technology on the ground that no live issues remained since the defendant had already closed her case. Judgment was subsequently entered against the defendant.

On appeal, the defendant argued a breach of natural justice. The Court of Appeal disagreed, emphasizing that sufficient time had been provided for the defendant to arrange her return and appear in court. The Court held that natural justice was not breached as the defendant had ample opportunity to present her evidence, undergo cross-examination, and engage in the proceedings.

The Court also highlighted practical concerns with remote cross-examination, such as connectivity issues and potential prompting during breaks, which might compromise the effectiveness of the process. Ultimately, the Court affirmed that the decision to utilize remote communication technology rests within the discretion of the trial judge, guided by considerations of justice, efficiency, and economy, rather than the preferences of the litigants.

The Court of Appeal agreed with the plaintiff’s objection that a trial by way of remote communications technology is not suitable based on the following reasons-

(a)        the trial Judge’s ability to assess appellant’s demeanor and credibility in this case without filter;

(b)       the plaintiff’s counsel’s ability to cross examine the defendant without technical disruption;

(c)        the absence of party representatives to ensure that no off-camera coaching is taking place, not only while appellant is on-camera, but also during the expected breaks; and

(d)       the absence of the solemnity of oath taking in open Court in Malaysia and the general formality of such proceedings.

In Securities Commission Malaysia v. Wong Shee Kai & Ors [2023] 7 CLJ 825, the 1st defendant, a fugitive facing arrest warrants in Malaysia, sought to attend trial via Zoom, citing risk of arrest and claiming entitlement to participate remotely in accordance with his civil rights. The High Court initially allowed his remote presence but later required a formal application for continued remote attendance. The 1st defendant argued his right to participate remotely, while the plaintiff opposed, emphasizing the defendant’s non-compliance with court orders and the potential undermining of justice.

The High Court dismissed the application, ruling that the 1st defendant had not disclosed a specific location for attendance as required under the Practice Direction for Remote Communication Technology i.e Practice Direction 1 of 2021: Management of Civil Case Proceedings Conducted by Long-distance Communications Technology for all Courts in Malaysia (Pengendalian Prosiding Kes Sivil Melalui Teknologi Komunikasi Jarak Jauh Bagi Mahkamah Di Seluruh Malaysia) (“RCT Practice Direction”).

The 1st defendant merely averted that his location is at Port Moresby, Papua New Guinea. The High Court ruled that a person attending the proceedings by means of remote communication technology has to disclose where he is logging in from. Because this specific location is not disclosed, it cannot be said that sufficient administrative and technical facilities and arrangements are made at the place. In the alternative, the 1st defendant could provide proof that sufficient administrative and technical facilities and arrangements are made at whichever place he wants to log in from but none was given.

It found that granting the application would set a dangerous precedent, allowing fugitives to avoid criminal proceedings while participating in civil cases, thus compromising justice and public trust in the legal system. The Court prioritized the proper administration of justice over the 1st defendant’s assertion of rights to remote participation.

The Court retained discretion over the conduct of proceedings via remote communication, declining to grant the 1st defendant’s requests to continue the trial and interlocutory hearings remotely.

The Court of Appeal dismissed the 1st defendant’s appeal based on the plaintiff’s preliminary objection i.e. that the High Court’s order is a ruling under section 3 of the Courts of Judicature Act 1964 and thus not appealable.

Leave to appeal the Federal Court was refused.  It held that “The court dismissed Wong’s leave application as the question of whether the trial judge had erred in his decision is a matter that can be challenged by way of appeal at the end of the trial”. “In this regard Wong’s right to appeal is reserved — it is not that the trial judge’s decision is non-appealable, but rather it is appealable at the end of the trial and not during the course of it. It would not be appropriate for the Federal Court to interfere with the trial court’s discretion at this juncture. Thus, there is no prejudice towards Wong”.

Do we need to check our spam emails?

Electronic service of documents saves parties’ costs and time and eases the administration of justice. However, this method may be disadvantageous to the intended recipient. For example, documents served via email may end up in the spam folder or left unsent in the outbox of the sender or the recipient’s email server may be down during the time of service.

The accused in the case of Mohd Ramadhan Bin Hussin v Pendakwa Raya (Alor Setar High Court Criminal Application No. KA-44-5-02/2023) was an unfortunate victim of this problem. The accused applied for extension of time in the High Court to file his petition of appeal as required by section 307(4) of the Criminal Procedure Code. The reason for the delay was that the grounds of judgment was sent to his lawyer’s email but it ended up in the spam folder.  The High Court dismissed the application and held that, among others, it is the responsibility of the accused’s lawyer to ensure that all emails received by their firm are carefully scrutinized and reviewed, this includes emails received in the ‘spam’ folder.

But when it comes to a litigant’s email address, the same responsibility should not be applied as ordinary email users do not check their spam folder regularly. In Patricia Sue Lin Knudsen v. Joey James Ghazlan [2019] CLJU 2037, the High Court held that cause papers in relation to the proceedings were not all served on the defendant as some of the documents were found in the spam folder of the defendant. 

Ownership of cryptocurrencies in the Syariah Court

In Rosmaliza Binti Mohamad Rosli lwn Mohd Nahar Bin Mohd Nasir (Mahkamah Tinggi Syariah Shah Alam di Negeri Selangor. Kes Mal Bil.: 10100-049-0757-2019), the plaintiff wife sought a declaration that Bitcoin amounting to 206.9967889 which is equivalent to RM10,095,109.20 to be a marriage debt between the plaintiff wife and defendant husband pursuant to s. 61 of the Administration of the Religion of Islam (State of Selangor) Enactment 2003, and that the Bitcoin be returned to the plaintiff wife.

The Syariah High Court directed the issue of whether Bitcoin can be claimed as a marriage debt to be heard as a preliminary issue. In this regard, the Court referred to the “Keputusan Mesyuarat Jawatankuasa Fatwa Negeri Selangor yang telah bersidang pada 8 Muharram 1443H bersamaan dengan 17 Ogos 2021” made a decision on “Hukum Matawang Kripto (Cryptocurrency) : Satu Analisa Syarak” which states the following:

“HARUS untuk menjalankan urus niaga menggunakan mata wang digital sama ada sebagai perantara pembayaran (medium of payment); pemindahan wang (remittance) dan aset simpanan SEKIRANYA memenuhi parameter-parameter di bawah. 

a.         Urus niaga melibatkan mata wang digital hendaklah dilakukan melalui platform pertukaran mata wang digital berlesen yang diluluskan dan dikawal selia oleh pihak berautoriti sahaja;

b.         Pengguna hendaklah mempunyai pengetahuan yang mencukupi mengenai:

i.          Jenis, ciri-ciri utama dan risiko berkaitan mata wang digital;

ii.         Perkara-perkara teknikal yang mencukupi mengenai bagaimana untuk memperoleh mata wang digital dan di mana ia perlu disimpan untuk memastikan keselamatannya;

iii.        Peraturan-peraturan yang ditetapkan oleh platform pertukaran mata wang digital berlesen yang diluluskan dan dikawal selia oleh pihak berautoriti; daniv. Undang-undang dan peraturan yang berkaitan mata wang digital.

c.         Sebagaimana mata wang yang lain, mata wang digital hendaklah tidak digunakan sebagai bayaran kepada barangan, perkhidmatan dan aktiviti tidak patuh Syariah seperti pembelian dadah, pelacuran, perjudian dan pendanaan aktiviti keganasan serta penggubahan wang haram.”

The Syariah High Court was of the view that the parameters set in the decision of Jawatankuasa Fatwa Negeri Selangor must be followed if one intends to deal with Bitcoin. 

The Syariah High Court held that the plaintiff wife must show that the Bitcoin account claimed by the plaintiff wife to follow the parameters set by the Jawatankuasa Fatwa Negeri Selangor. However, she did not do so during the proceedings or in any of her pleadings. As such, the Syariah High Court dismissed the action. 

Loss of cryptocurrencies

A recognised market operator was also found to be liable for negligence over the losses of Bitcoins by a user. In Yew See Tak v Luno Malaysia Sdn Bhd (Petaling Jaya Sessions Court Suit No. BB-B52NCvC-43-08/2021), the plaintiff sued the defendant, a registered market operator licensed by the Securities Commission to operate a Digital Asset Exchange (DAX) for negligence for failing to secure and safeguard his cryptocurrencies. The sum of RM566,570.70 in the Luno account was used to purchase 2.730096 Bitcoins, and the said Bitcoins with his other Bitcoins (amounting to 0.15106083 Bitcoins) in the said Luno account were transferred to an unknown account.

The Bitcoins were transferred to an unknown account in three different transactions but on a single day. The defendant reported that the unauthorised transactions were accessed using the plaintiff’s Luno account and authorised through SMS sent to the plaintiff’s mobile number, among others. The plaintiff had activated a two factor authentication (2FA) in his Luno account and as such, any person who wants to access his account needs to use the 2FA code generated by the 2FA application i.e. Google Authenticator. The defendant concluded that there was nothing to show that his wallet was compromised, and the transactions were irreversible due to Blockchain technology.

The plaintiff testified that he opened an account with Luno to be able to use its functions securely and safely, and he had entrusted Luno to keep and care for the monies and cryptocurrencies in the Luno account. As such, there was a fiduciary relationship between defendant and plaintiff as its customer.

The Court found that the defendant had been negligent and awarded general, aggravated and exemplary damages of RM100,000.

The Court found that the defendant had been lacking in its customer service as it took them 36 hours to inform the plaintiff that his account had been locked over safety reasons. This shows that the defendant did not look at the complaint seriously. The customer service personnel also did not testify to show the role and responsibilities taken by the defendant in handling complaints submitted by their customers. The defendant should take appropriate action within a reasonable time to address the problem complained about.

The defendant’s system ought to have detected the suspicious transactions and trigger a notification. This is a case involving a large amount in two transactions in a short time. The plaintiff is not a new customer but a customer of 5 years. The transactional pattern of the plaintiff can be read and predicted by the defendant. The defendant cannot escape liability by just implementing a 2FA system.

Furthermore, after the plaintiff’s incident, the defendant introduced a new fraud prevention policy to limit transactions made through the platform. With this policy, the defendant can detect if there are transactions which are not normal or above the limit and if so, the transactions will be suspended or investigated. In addition, the Court recognised that other platforms could block suspicious transactions and the defendant failed to do so.

Not only the defendant did not report the incident to the Securities Commission, but there was also a breach of the Securities Commission’s Guidelines on Prevention of Money Laundering and Terrorism Financing For Capital Market Intermediaries.

The Guidelines provide that a reporting institution must conduct ongoing due diligence and scrutiny of its customers throughout the course of the business relationship. Such measures shall include monitoring and detecting patterns of transactions undertaken throughout the course of the business relationship to ensure that the transactions being conducted are consistent with the reporting institution’s knowledge of the customer. It should also consider reclassifying a customer as higher risk and consider lodging a suspicious transaction report with the Financial Intelligence and Enforcement Department of Bank Negara Malaysia.

In respect of the general, aggravated and exemplary damages, the Court considered –

  1. the defendant’s position that its security measures are very good and anything more is not their problem but nevertheless admitted that there was improvement in the security after the incident,
  2. the defendant could at least provide a detailed and urgent investigation and transactions in such an account should be postponed or frozen until the investigation is completed,
  3. the plaintiff had trusted his investment fully on the defendant, and
  4. the plaintiff could have continued with his investment into cryptocurrencies but for the loss of the cryptocurrencies.

However, the High Court overturned the Sessions Court decision on appeal. It was reported that the learned High Court Judge was of the view that the Sessions Court judge had imposed a high standard of care and duty to Luno with not enough evidence tendered. The High Court’s grounds are not available as at the time of writing.

Online sexual grooming

The Sexual Offences Against Children Act 2017 also saw its bite on online sexual grooming. In Hendra Bin Mulana v Pendakwa Raya [2023] CLJU 2230, the Court showed its abhorrence towards child sexual abuse materials and child grooming. The accused was convicted on four charges under the section 8(b) of the Sexual Offences Against Children Act 2017 for requesting for child pornography and sentenced to thirteen years imprisonment from date of conviction and three strokes of rotan (caning) in respect of each charge by the Sessions Court.

The accused had met the victim through a social media platform by the name of BIGO and through his conversation with the victim, he had made the victim send him sexual-related pictures and videos to the accused and had lewd conversations with her. The accused however had never met the victim, but they had communicated via live streaming and WhatsApp calls.

The accused’s defence was that he did not know the true age of the victim because her BIGO profile stated she was 19 years old. He also claimed that the victim had told him that she was still in school, and she was in Form Six (Upper). The accused argued that he had taken all reasonable steps to ascertain the age of the victim and relied on the defence under section 20 of the Sexual Offences Against Children Act 2017. The victim admitted that she did not give her true age but had told the accused that she was 14 years old. The BIGO account was her friend’s account.

The High Court held that there were two ingredients to be fulfilled for an offence under section 8(b) by the prosecution and they were that the victim is a child, and the accused had asked for pornography from the child at the material time. The High Court held that the Sessions Court did not err by ruling that both ingredients were fulfilled. In respect of the first ingredient, it was fulfilled by the provision of the victim’s birth certificate. As for the second ingredient, this was fulfilled through the evidence provided by the prosecution witness, the accused’s own statements and documentary evidence.

The accused defence was that he did not know the true age of the victim. The Sessions Court dismissed this argument and held that the accused should have made an effort to go and meet the victim in person to discover her true age. Pursuant to section 20 of the Sexual Offences Against Children Act 2017, it is not a defence for the accused to claim that he did not know that the victim is a child unless the accused took all reasonable steps to ascertain the age of the person.

The High Court agreed with the Sessions Court and commented that the victim’s photograph shows that she is just a child.  The accused should have also tendered evidence to show that he had taken reasonable steps to ascertain the age of the victim. As such, the High Court upheld the conviction of the Sessions Court but reduced the sentence from 13 years for each charge to 10 years each. The Court of Appeal upheld the conviction and sentence by the High Court.

Software Dispute

The High Court case of Liberty Technology Resources Sdn Bhd v. Suruhanjaya Syarikat Malaysia (SSM) [2023] 1 LNS 1294 highlights the importance of terms on refund and liquidated damages, and role of experts in software disputes.

The dispute centered around a contractual agreement by the name of ERP Agreement where Liberty Technology Resources (the plaintiff) was tasked with developing an ERP system for Suruhanjaya Syarikat Malaysia (the defendant). The agreement was terminated by the defendant due to delays in the project’s completion, leading to legal proceedings initiated by both parties.

The plaintiff alleged wrongful termination and sought significant contractual payments, primarily for third-party software licenses and subscription fees purchased on behalf of the defendant. However, the court found that the ERP Agreement did not explicitly impose on the plaintiff the obligation to acquire third-party software at its own expense unless specifically provided for in the contract. Therefore, the plaintiff’s claim for reimbursement of these costs was dismissed.

Regarding the delays in project completion, the plaintiff argued that these were caused by actions of the defendant. However, the court noted a lack of substantive evidence, such as expert reports or detailed delay analyses, supporting this assertion. Consequently, the plaintiff failed to prove that the defendant was responsible for the delays, which was crucial in the context of their claim for wrongful termination.

On the defendant’s counterclaim, seeking a refund of payments made under the ERP Agreement upon termination, the court ruled in favor of defendant. This decision was based on clear contractual provisions allowing for such refunds in the event of termination. Additionally, the court upheld the defendant’s entitlement to liquidated damages, distinct from the refund, which were deemed necessary to compensate for losses resulting from the project delays.

Throughout the case, expert opinions played a significant role. The defendant presented expert analysis regarding the causes of project delays, which went uncontested by the plaintiff. This further supported the court’s decision in favor of the defendant on issues related to termination, refunds, and damages.

Closing

In 2024, we can expect more interesting developments in the cyberlaw and IT sphere.

  • The Cyber Security Bill 2024 came to force on 26 June 2024. This new law aims to enhance the national cyber security by providing for, among others, functions and duties of the national critical information infrastructure (NCII) sector leads and national critical information infrastructure entities, management of cyber security threats and cyber security incidents to national critical information infrastructures and to regulate the cyber security service providers through licensing, and to provide for related matters. Details of this article can be found in my June article “Bread & Kaya: Impact of the Cyber Security Bill 2024 on the Cybersecurity Industry in Malaysia”.
  • Our government introduced amendments to the Personal Data Protection Act 2010 during the July 2024 Parliament sitting. The new provisions will now require data controllers (a new name replacing data users) the requirements of a data protection officer, data breach notification and right to transmit a person’s personal data to another data controller i.e data portability, among others.
  • Singapore may require online platforms Carousell and Facebook to verify the identity of all their sellers if the number of scams reported on the respective platforms does not drop significantly. This is a welcoming effort by the Singapore Government to curb scam which should be emulated by our government as well.
  • On the topic of scam, new laws are being introduced to combat scams by coming down hard on those involved in the operation of mule accounts. Currently, mule account holders are charged under s. 414 (assisting in the concealment of stolen property) and s. 424 (dishonest or fraudulent removal or concealment of consideration) of the Penal Code, among others. The new proposed provisions will now criminalise any person who has unlawfully in his possession or control of payment instrument or account of another person (s. 424A), giving possession of the same (s. 424B) and engaging in transaction of the same (s. 424C).
  • Social media service and instant messaging service providers with 8 million or more users in Malaysia are required to obtain an applications service provider class licence with the Communications and Multimedia Commission by 1 January 2025 pursuant to Communications and Multimedia (Licensing) (Exemption) (Amendment) Regulations 2024 and Communications and Multimedia (Licensing) (Exemption) (Amendment) (No 2) Regulations 2024. This requirement was introduced to combat rise in cybercrime offences including online scams and gambling, cyberbullying, and sexual crimes against children.

First published in Digital News Asia on 4 and 5 November 2024.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *