Worried About Your Data While Using Gerak Malaysia? We Asked A Lawyer About It

I was interviewed by The Rakyat Post on the use of the Malaysian Government’s mobile application “Gerak Malaysia” which was introduced to allow Malaysians to apply for permission to travel between states during the Movement Control Order, among others. An excerpt (with modification) from the article is reproduced below).

What do you think of the government implementing the Gerak Malaysia app? Do you think it’s an effective move?
The success of the mobile application largely depends on the signup. If not many sign up for it, it will not be very effective. Nevertheless, it is a good idea to have it.

From a security standpoint, do you think that the Gerak Malaysia app is safe?
The mobile application requires quite a lot of personal data of the user. This includes their latest home address, identity card, email, mobile number and location data.

The worry that many Malaysians have now is that what happens if there is a data breach as we have seen in many cases in the world.

We have received numerous unsolicited calls and messages in the past and many of these were attributed to past data breaches due to the lackadaisical practice by private and Government agencies.

There doesn’t seem to be any remedies for the Malaysians who were subject to such data breaches, especially against the Government.

But it is understood that such information is required to track people as soon as possible to deter the further spread of Covid-19. Public health overrides privacy in this case.

Do you think that somehow Gerak Malaysia is designed to be a way for the government to monitor the movement of Malaysians when they travel?
One of the purposes of the mobile application is to track the movement of Malaysians.

According to their privacy policy, the Malaysian Communications and Multimedia Commission will continuously collect your location data and record all of your locations after you have granted it permission via your smartphone.

The location information is also used to track the movement of Covid-19 positive users or any individuals who have close contact with those who are positive, and to inform them to undergo home/quarantine isolation or seek immediate medical attention.

Don’t misuse private info in Covid-19 apps, Putrajaya urged

I was quoted by FreeMalaysiaToday regarding the collection of data by the Government through from people using official mobile application aimed at efforts to curb Covid-19. I said-

A lawyer specialising in privacy laws has urged the government to regulate the collection of data from people using official apps for mobile phones aimed at efforts to curb Covid-19.

Putrajaya should review existing laws on data collection, and should set out the steps taken to protect private information provided by users, says lawyer Foong Cheng Leong.

It was necessary to make sure that the information is used only to deal with infectious diseases “and not for other purposes like political campaigning or police investigations for other crimes,” he said.

Punishments should be set out for those who misuse the data, and there should be provisions to guarantee redress for those harmed by the abuse of the data.

Yesterday the health minister launched the MySejahtera app which allows users to perform health self-assessments, monitor their health and enables the health ministry to also monitor the user’s health.

Two other apps, to trace contacts of infected people, are also being developed separately.

Foong said public health and safety should take precedence during a pandemic. However, there was a need to review existing laws to regulate data collection.

“Any laws passed should take into account the rights of the data subject,” he said.

Public Consultation Paper No 01/2020 – Review of Personal Data Protection Act 2010 (Act 709) [14 – 28 February 2020]

Personal Data Protection Commissioner has issued the above consultation paper on 14 February 2020 to obtain feedback on the proposed amendments to the Personal Data Protection Act 2010.

Notably, the Commissioner is intending to introduce a data breach notification requirement, civil action against data user, right of data user to make first direct marketing call and exemption of business contact from the Act.

I am very much interested in the amendment to include right to initiate civil action a data user. The introduction of the same would be a boost to data privacy litigation in Malaysia.

Currently, there is no remedy for an aggrieved data subject for non-compliance of the Personal Data Protection Act 2010 other than filing a complaint to the Commissioner. There is no provision similar to s. 13 of the United Kingdom Data Protection Act 1998 (now repealed by the United Kingdom Data Protection Act 2018), ss. 167 to 168 of the United Kingdom Data Protection Act 2018) and s. 32 of the Singapore Personal Data Protection Act 2010.

An aggrieved data subject can still pursue civil litigation under the common law. However, this would depend on the circumstances of the case. Invasion of privacy is one possible action but the law is not settled whether invasion of privacy is an actionable tort. The other possible action would be a breach of confidence. These two (2) torts have similar basic requirement i.e. that the information must be private or possesses the necessary quality of confidence. Not all personal information will have or has such elements, especially, when the data subject had published them themselves e.g on their social media page. The proposed civil action under the Personal Data Protection Act 2010 will cover the gap especially matters concerning misuse of personal data which are not or no longer confidential or private.

Deadline to file a response to the consultation has been extended to 10 March 2020.

Introducing Lexscout!

Lexscout is a new legal information service provider in Malaysia. It is a result of a joint venture between Burgielaw and I.

The main features of this search engine are the unreported judgment search and lawsuit search. 

The judgement search allows users to search more than 14,000 legal case judgments of the Malaysia Subordinate Courts up to the Federal Court. Many of these judgement are not reported by local law journals. To lessen research time, tags have been inserted to tell users the subject matter of the case without the need to open each search result. The database is powered by FCL&Co Case Law Search App.

The lawsuit search function is first of its kind in Malaysia. Users can now search if a person or company has been involved in a lawsuit in Malaysia. There is also an option to request for a file search to get more details about the case.

I have used Lexscout to conduct background checks on potential litigants, find precedents, and find materials for my Bread & Kaya articles.

One of the most interesting cases I found through Lexscout is the case of Universiti Utara Malaysia v Facebook Inc (Alor Setar High Court Originating Summons No. KA-24-1-01/2019). In this case, the parties had entered in a consent judgment whereby Facebook has to disclose basic subscriber information of certain Facebook users who allegedly have published defamatory statements. This case shows that pre-action discovery application against Facebook can be made in Malaysia instead of filing such application outside Malaysia. Such information would not have been revealed by local legal information service providers.

For a free trial account, please visit its registration page here.

Bread & Kaya: Malaysia’s first digital currency court case

By Foong Cheng Leong
December 17, 2019
– Digital currencies can be used to raise funds, make purchases or traded online
– Anyone operating a digital assets exchange platform must obtain approval from the SC

DIGITAL currencies are a form of digital asset. They can be used to raise funds, purchase goods or services and even traded online instantaneously without any border restrictions.

Digital currencies are now traded on the Internet through, among others, digital assets exchange platforms. Due to their popularity, the prices of certain digital currencies such as Bitcoin are volatile.

Bank Negara Malaysia has declared that digital currencies are not legal tender in Malaysia. However, this does not mean that trading of digital currencies is illegal. Trading of digital currencies is legal in Malaysia but any person operating a digital assets exchange platform must obtain approval from the Securities Commission.

Currently, there are three Recognised Market Operators (RMOs) registered by the Securities Commission to operate digital asset exchanges in Malaysia.

In the meantime, the Securities Commission has also issued Public Consultation Paper No. 1/2019 Proposed Regulatory Framework for the Issuance of Digital Assets Through Initial Coin Offerings (ICOs).

The issuance or offering of certain digital assets to the public will require prior approval or authorisation from the Securities Commission and compliance with the relevant laws and regulations.

Capital Markets and Services (Prescription of Securities) (Digital Currency and Digital Token) Order 2019

The Capital Markets and Services (Prescription of Securities) (Digital Currency and Digital Token) Order 2019 was introduced to recognise certain digital currency and digital token as “securities” thus making securities laws such as the Capital Markets and Services Act 2007 applicable to them.

Reg 2 of the Order 2019 has defined digital assets as:

  • Digital Currency: a digital representation of value which is recorded on a distributed digital ledger whether cryptographically-secured or otherwise, that functions as a medium of exchange and is interchangeable with any money, including through the crediting or debiting of an account; or
  • Digital Token: a digital representation which is recorded on a distributed digital ledger whether cryptographically-secured or otherwise.

Not all digital currency or digital tokens are securities under the Capital Markets and Services Act 2007. Reg. 3 of the Order provides the relevant criteria. In respect of a digital currency, a digital currency which: —

  1. is traded in a place or on a facility where offers to sell, purchase, or exchange of, the digital currency are regularly made or accepted;
  2. a person expects a return in any form from the trading, conversion or redemption of the digital currency or the appreciation in the value of the digital currency; and
  3. is not issued or guaranteed by any government body or central banks as may be specified by the Securities Commission,
  4. is prescribed as securities for the purposes of the securities laws.

As for digital token, a digital token which represents a right or interest of a person in any arrangement made for the purpose of, or having the effect of, providing facilities for the person, where: —

  1. the person receives the digital token in exchange for a consideration;
    the consideration or contribution from the person, and the income or returns, are pooled;
  2. the income or returns of the arrangement are generated from the acquisition, holding, management or disposal of any property or assets or business activities;
  3. the person expects a return in any form from the trading, conversion or redemption of the digital token or the appreciation in the value of the digital token;
  4. the person does not have day-to-day control over the management of the property, assets or business of the arrangement; and
  5. the digital token is not issued or guaranteed by any government body or central banks as may be specified by the Securities Commission,
    is prescribed as securities for the purposes of the securities laws

Foreign cases

While laws and regulations are being drafted by Governments to deal with digital assets, digital asset disputes are slowly creeping into Courts and the Courts have been applying existing traditional laws into modern technology.

In the English case of Vorotyntseva v Money-4 Ltd (t/a Nebeus.com) [2018] EWHC 2596 (Ch), the High Court dealt with a freezing order against a cryptocurrency platform operator and its directors to restrain them from dissipating their assess. The claimant in this case had deposited a substantial quantity of Bitcoin and Ethereum cryptocurrencies with the operator and became concerned when the operator in this case become uncontactable.

Similarly, in the Hong Kong case of Nico Constantijn Antonius Samara v Stive Jean Paul Dan [2019] HKCFI 2718, the Hong Kong High Court granted a freezing injunction against a French cryptocurrency trader from disposing of his assets in Hong Kong in a dispute over Bitcoin trading on a trading platform. The Plaintiff in this case had money held by the French cryptocurrency trader in his Citibank account in Hong Kong.

In the Singapore case of B2C2 Ltd v Quoine Pte Ltd [2017] SGHC(I) 11, the Singapore International Commercial Court held that the operator of a virtual currency exchange platform was liable for breach of contract and breach of trust in reversing trades made at an abnormal exchange rate. For the first time, the Singapore International Commercial Court applied the law of contract to virtual currencies, finding that virtual currencies have the hallmark characteristics of property and applying the law of unilateral mistake to a case involving algorithmic trading.

Digital currency dispute finally lands in our Court

In 2018, a cryptocurrency trader was sued by two cryptocurrency-exchange related providers for the return of Bitcoins mistakenly transferred to him.

This case is important to the digital currency industry because our Court has decided for the first time that:

– cryptocurrency trading is not illegal in Malaysia;
– digital currency is a form of an intangible asset; and
– digital currency is a “thing” that that has to be returned if it is mistakenly delivered.

The facts of the case of Luno Pte Ltd & Anor v Robert Ong Thien Cheng (Sessions Court Civil Suit No. BA-B52NCVC-389-12/2017) (Unreported) are as follow.

The 1st Plaintiff conducts its business as an online wallet and exchange of digital currencies, also known as cryptocurrencies including Bitcoin, under the trade name of Luno.

Every registered customer of Luno will be allocated a Luno account known as ‘Luno Wallet’ whereby they are able to buy, sell, send, receive and store cryptocurrencies.

The 1st Plaintiff wholly owns the 2nd Plaintiff and the 2nd Plaintiff acts as the intermediary regional operating centre of the 1st Plaintiff which holds the bank account that accepts deposits from Luno customers in Malaysia.

After the customer deposits a sum to the account held by 2nd Plaintiff, the 1st Plaintiff will allocate the deposit to the customer’s respective Luno wallet for them to utilise to trade cryptocurrencies.

The Defendant is a registered user of Luno and has been allocated a Luno Wallet. On Oct 30, 2017, the Defendant deposited RM300,000.00 into the bank account held by the 2nd Plaintiff which was subsequently transferred into the said Luno Wallet and reflected therein accordingly.

At that juncture, the Defendant had a total of RM300,228.58 and 0.616814 Bitcoin in his said Luno Wallet. On Nov 1, 2017, the Defendant converted RM300,228.00 contained in the said Luno Wallet into 10.70163257 units of Bitcoins, leaving the total number of Bitcoins in his said Luno Wallet to be 11.31844657.

On the same day, the Defendant requested for 11.3 Bitcoins to be withdrawn from the said Luno Wallet to be to his Bitfinex e-wallet account and his request was duly carried out. The Defendant’s Bitfinex account is managed and operated by iFinex Inc. (BVI) (‘Bitfinex’), another third party cryptocurrency online trading platform unrelated to the Plaintiffs.

On Nov 1, 2017, the 1st Plaintiff mistakenly transferred an additional 11.3 Bitcoins onto the Defendant’s Bitfinex Account after having transferred the initial 11.3 Bitcoins on the same day.

The 1st Plaintiff notified the Defendant of the mistakenly transferred additional 11.3 Bitcoins on Nov 2, 2017 via email dated Nov 2, 2017. The 1st Plaintiff requested for 11.3 Bitcoins to be returned to the 1st Plaintiff as it was Bitcoins that were mistakenly transferred into the Defendant’s Bitfinex Account. The Defendant acknowledged and admitted that he is required to return the additional 11.3 Bitcoins that were mistakenly transferred to him. In this regard, the Defendant had offered to pay the 1st Plaintiff cash of RM300,000.00 at the end of November 2017, about one month after the mistaken transfer. However, this was not acceptable to the Plaintiffs as the value of Bitcoins fluctuates day-to-day.

The Defendant, although admitting to receiving the additional 11.3 Bitcoins and acknowledging the need to return them, has failed, refused and/or neglected to do so. The Plaintiffs initiated this action against the Defendant to recover the mistakenly transferred 11.3 Bitcoins by returning the said 11.3 Bitcoins and if the Defendant fails to do so, the sum of RM810,837.00 equivalent to 11.3 Bitcoins calculated based on the Luno exchange market price of RM71,756.00 per Bitcoin at the time of the filing of the action.

The Defendant argued that, among others, Bitcoins are not a “thing” capable of being returned as envisaged under s. 73 Contracts Act 1950, and that transfer was actually a mistake.

S. 73 provides: –

Liability of person to whom money is paid, or thing delivered, by mistake or under coercion
A person to whom money has been paid, or anything delivered, by mistake or under coercion, must repay or return it.

The Defendant also alleged that all 22.6 Bitcoins in his Bitfinex account were converted into B2x CST futures on an “automated setting” allegedly prior to his knowledge of the mistakenly transferred additional 11.3 Bitcoins. Therefore, he would not be able to return the Bitcoins.

A counterclaim was filed by the Defendant on the ground that the 1st Plaintiff had ‘colluded’ with Bitfinex and/or ‘interfered’ Bitfinex’s decision in suspending the Defendant’s Bitfinex Account that in turn resulted in his alleged losses of B2x CST futures. He sued for 169,6267258 units of B2x CST futures or the sum of RM806,071.87 being the sum equivalent.

The learned Sessions Court Judge granted the Plaintiffs’ claim and ordered the return of the Bitcoins or its equivalent in Ringgit Malaysia as of the date of filing of the action. He held: –

  1. The Defendant admitted that the mistakenly transferred 11.3 Bitcoins does not belong to him and thus, he is under a duty to return the same. There are also contemporaneous documents to show that the Defendant had agreed to return the mistakenly transferred 11.3 Bitcoins, albeit in the form of cash. In this regard, the Defendant had offered to pay the 1st Plaintiff the sum of RM300,000.00 and this is evident from his email dated Nov 2, 2017 to the Plaintiffs. In another email dated Nov 4, 2017, the Defendant stated that the price of Bitcoin was volatile and high and requested for more time for the Bitcoin to settle at a better rate for him to repay back the mistakenly transferred 11.3 Bitcoins. It is thus obvious to the Court that the reason why he refused to repay back the mistakenly transferred 11.3 Bitcoins was due to the very high rate and it was on that basis he had requested for the price to settle so that he can buy it at a lower rate.
  2. The Defendant claimed that the offer to pay the sum of RM300,000.00 was out of ‘goodwill’ for the mistakenly utilising the mistakenly transferred 11.3 Bitcoins and therefore the Plaintiffs are estopped from claiming it. The Court found that estoppel does not apply herein as the Plaintiffs have never indicated that they are agreeable to the alleged ‘goodwill’ payment.
  3. The Defendant contended that cryptocurrency is illegal in Malaysia and therefore, the Plaintiffs are not entitled to recover the same. The learned Sessions Court Judge dismissed his contention. He held that whilst cryptocurrency is not recognised as legal tender in Malaysia, this does not mean that the Plaintiffs’ operation is illegal. In fact, the 1st Plaintiff is registered as a reporting entity with Bank Negara Malaysia and this is supported by contemporaneous documents. The fact that the 1st Plaintiff is registered as a reporting entity to Bank Negara on cryptocurrency is in itself proof that the 1st Plaintiff’s operations are not illegal. If the 1st Plaintiff’s operations are deemed illegal by Bank Negara, reasonably the 1st Plaintiff would not be registered as a reporting entity. Further, the fact that the Bank Negara Malaysia put forth the initiative to have cryptocurrency exchanges registered as reporting institutions is indicative that the trading of cryptocurrencies is not illegal in Malaysia. Further, this recognises that cryptocurrencies carry value that may be exchanged with real money despite not being recognised as legal tender.
  4. The Defendant argued that the said 11.3 Bitcoins do not belong to the Plaintiffs and therefore the Plaintiffs do not have any locus to commence this action to recover the 11.3 Bitcoins. The Court rejected this argument as the position of the Plaintiffs in “holding” the cryptocurrency (i.e. Bitcoins) is akin to that of the bank where customers deposit the monies. As such, if the bank had mistakenly transferred monies into another person’s account, this does not mean that the bank has no locus to initiate an action to recover the monies.
  5. The Defendant contended that the Malaysian Court has no jurisdiction to hear the Plaintiffs’ claim. In this regard, the Defendant claims that the Plaintiffs’ claim is subject to Singapore law. The Court rejected this contention. The terms and conditions containing the jurisdiction clause in Singapore do not apply to the present case as the new terms and conditions only took effect after the incident. In this regard, the present case is governed by the old terms and conditions which does not contain any jurisdiction clause. Further, there is no basis in the Defendant’s contention as he has now submitted to the jurisdiction of the Malaysian Court by filing his counter claim against the Plaintiffs. In any event, the Court found that the purported terms and conditions that the Defendant is now seeking to rely on does not apply to him as it is expressly stated on Luno’s website that the new terms and conditions are to take effect after the incident.
  6. The Court found that cryptocurrency although is not money in the legal sense, is a form of commodity as real money is used to purchase the cryptocurrency. Accordingly, cryptocurrency falls within the definition of “anything” under s. 73 of the Contracts Act 1950. There is value attached to Bitcoin in the same way as shares do. Bitcoin may not be currency or money per se, but it is a form of commodity, albeit in an intangible form. Accordingly, the Defendant is bound in law and/or equity to return the additional 11.3 Bitcoins to the Plaintiffs that never belonged to the Defendant.
  7. The Defendant claimed that all 22.6 Bitcoins in his Bitfinex account were converted into 82x CST futures on an “automated setting”, allegedly prior to his knowledge of the mistakenly transferred additional 11.3 Bitcoins. The Court did not accept the Defendant’s allegation as it was not substantiated with any reliable evidence.
  8. In view of the Defendant’s actual knowledge and awareness prior to converting 22.6 Bitcoins to B2x CST futures, the Defendant is bound by principles of natural justice and equity to return the mistakenly transferred 11.3 Bitcoins to the Plaintiffs. the Defendant cannot be allowed to be unjustly enriched at the expense of the 1st Plaintiff.
  9. The Defendant is claiming an alleged bona fide change of position on the basis that the 11.3 Bitcoins are no longer available as the B2x CST futures purchased by him did not materialise and its value is now close to nil. However, the Court found that this altered position of the Defendant was self-induced and not bona fide due to the established fact that the Defendant conducted the transaction to convert all 22.6 Bitcoins to B2x CST futures despite realising that something was “amiss”. He cannot claim the defence of bona fide change of position as he utilised the additional 11.3 Bitcoins in his Bitfinex Account to purchase another type of cryptocurrency.
  10. The Court found that when the Defendant became aware of his receipt of the additional 11.3 Bitcoins, the principles of equity comes into play whereby if his conscience would be affected upon learning of the mistake, the Defendant is then imposed a constructive trust by the laws of equity which he is then placed under a fiduciary as a constructive trustee.
  11. The Defendant argued that the Plaintiffs are unable to “recover” the 11.3 Bitcoins due to the Risk Warning which is found on the Luno Exchange website which states that all transactions that occurs under the Luno Wallet of any user is irreversible. The Court found that the Defendant’s interpretation of the Risk Warning is misplaced. It is to be observed that the Risk Warning stating that the transactions is irreversible applies to those transactions between users and the 1st Plaintiff is still entitled and able to ask for the “return” of the 11.3 Bitcoins. The Defendant’s claimed that once monies have been mistakenly transferred to someone, the monies should be left with them and according to the Defendant pursuant to a “common position accepted in the cryptocurrency world”. The Court could not accept the argument as there was no evidence of this “common position accepted in the cryptocurrency world”. It is clear that the Defendant had agreed to return or repay back the mistakenly transferred 11.3 Bitcoins and this argument on “irreversibility” was only raised at this juncture to defeat the Plaintiffs’ claim. At the time when the Plaintiffs demanded the return of the mistakenly transferred 11.3 Bitcoins, the Defendant never raised any issue that the same cannot be returned due to the Risk Warning. the Defendant’s position is an afterthought and he is now estopped from reneging his earlier position.
  12. In respect of the Defendant’s counter claim, the Court found that the Defendant has failed to lead any evidence to substantiate his allegation that the 1st Plaintiff had colluded with Bitfinex and/or interfered in Bitfinex’s decision in suspending the Defendant’s Bitfinex Account that in turn resulted in his alleged losses of B2x CST futures. The 1st Plaintiff have no control or authority over the conduct and management of Bitfinex and/or the Defendant’s Bitfinex Account. All the Plaintiff did was to notify Bitfinex on the mistaken transfer and requested Bitfinex to hold the funds belonging to the Defendant in his Bitfinex account in order to preserve status quo pending negotiations and their attempts to reclaim the 11.3 Bitcoins from the Defendant and nothing more.

On appeal to the High Court (Shah Alam High Court Civil Appeal No. 12BNCVC-91-10/2018), the learned High Court Judge dismissed the appeal and upheld the Sessions Court Judge’s decision. In addition, his Lordship held: –

  1. While cryptocurrency is not ‘money’ (i.e.,: legal tender) as we know in the traditional sense, it has been recently defined as a form of ‘security’ by s. 3 of the Capital Markets and Services (Prescription of Securities) (Digital Currency and Digital Token) Order 2019 which had defined digital currency as a form of “security”. It cannot be disputed that it is a form of ‘commodity’ as real money is used to purchase the cryptocurrency. In this regard, there is indeed value attached to the Bitcoin in the same way as value is attached to ‘shares’. The Contracts Act 1950 having been drafted some seven decades ago ought to be construed to reflect changes in modern technology and commerce. In view of the aforesaid, the High Court held that the term ‘anything’ in s. 73 is plainly wide enough to cover Bitcoins. The mistaken transfer of the 11.3 Bitcoins was a result of a technical glitch and not due to a mistake of fact or law.
  2. In relation to the argument that Plaintiffs lack the locus standi to initiate an action for the recovery of the 11.3 Bitcoins, the learned High Court Judge held that up until the point the Bitcoins are assigned to a specified user, it is just a pool of Bitcoins that Luno has full custody and control of. Hence, it was incorrect to suggest that the Plaintiffs were not the legal and beneficial owners of the 11.3 Bitcoins.
  3. The crux of this appeal turns on the correct interpretation of s. 73 of the Contracts Act, 1952 and the application of s. 73 to the instant facts. The terms are plainly wide enough to be invoked for the return the 11.3 Bitcoins wrongly or mistakenly transferred into the account of the Defendant.
  4. The Plaintiffs’ cryptocurrency online exchange is not illegal and/or contrary to public policy. There was no material or evidence before the Court below that. Although cryptocurrency is not recognised as legal tender in our jurisdiction, the Plaintiffs’ whole operation is not illegal and cannot sustain the claim for restitution.
  5. In respect of the counterclaim, the learned High Court Judge agreed with the Sessions Court Judge that the Defendant’s allegation had not been substantiated on the proven facts and evidence.


To put this case in simple words, this is a case where the Plaintiff had mistakenly transferred Bitcoins to the Defendant and the former wants the latter to return it. The Defendant on the other hand claimed that he is unable to do so as he no longer has it.

Unlike the usual tangible products, this is a case which deals with digital currency which has very volatile value.

The Plaintiff had also demanded that if the Defendant is unable to return the 11.3 Bitcoins, he had to pay the sum of RM810,837.00 equivalent to 11.3 Bitcoins calculated based on the Luno exchange market price of RM71,756.00 per Bitcoin at the time of the filing of the action.

The Court held that, among others, the Defendant had a duty to return the Bitcoins and there is no evidence that he no longer has those Bitcoins. 

The matter is now pending appeal at the Court of Appeal.

First published on Digital News Asia on 17 December 2019.

Key updates on Malaysia’s Franchise Laws

By Foong Cheng Leong & Hee Pau Ling

The Franchise (Amendment) Bill 2019 (“Bill”) has been passed by the Dewan Rakyat (House of Representatives) on 3 December 2019 [Postscript: The Bill received its Royal Assent on 20 February 2020 and published in the Gazette on 6 March 2020].

The Bill seeks to amend the Franchise Act 1998 (“Act”) to be in line with the current developments of the franchise business in Malaysia. The following are some of the key proposed amendments of the Bill-

(i) Double Registration of Franchise by Foreign Franchisor
Under the present section 54(1) of the Act, a foreign franchisor who wishes to sell a franchise in Malaysia to a Malaysian citizen is required to submit an application to the Registrar of Franchise. Section 6 of the Act also requires a franchisor to register his franchise before he can operate a franchise business or make an offer to sell the franchise of any party.

As the documents and information required under an application under section 54 are almost identical to section 6, the current practice by the Franchise Registry is that they will automatically register the application under section 6(1) of the Act upon approval of the application under section 54.  

The proposed section 6(1) of the Act will require a foreign franchisor to register himself under sections 6 and 54(1) of the Act separately. It is unclear if the applications can be done simultaneously or consecutively.

(ii) Offence for Failing to Register Franchise by a Franchisee
The current section 6B(1) of the Act requires a franchisee of a local franchisor who has been granted a franchise from a local franchisor or local master franchisee to register the franchise with the Registrar of Franchise within fourteen (14) days from the date of signing of the franchise agreement.

With the proposed amendment, it will be an offence for any franchisee who fails to do so.

(iii) Renewal of Franchise Registration
A franchisor will soon need to renew their registered franchise in Malaysia. The validity period of a franchise registration will be provided by the Franchise Registry and subject to terms and conditions and payment of renewal fees (if any). However, this provision is unlikely to affect franchises that are registered before the enforcement of the amendments.

(iv) Requirements of a Franchise Agreement  
Under the proposed section 18(2)(l) of the Act, a franchise agreement shall state the terms of renewal and extension. However, such terms are not prescribed by the Bill.

Additionally, the Bill proposes to delete section 18(3) of the Act which provides that a franchise agreement that does not comply with the requirements of section 18(2) of the Act (basics terms and conditions of a franchise agreement) will not render a franchise agreement null and void.

However, it should be noted that complainants can still seek legal recourse under the proposed section 18(6) of the Act which seeks to make the failure of compliance with section 18 of the Act an offence. Such offence is punishable with a fine up to RM50,000 for body corporates. Non-body corporates face a lesser fine of up to RM25,000 and/or imprisonment for a term not exceeding six months. Increased penalties apply for subsequent offences. Upon sentencing, the Court may also declare that the franchise agreement to be null and void. Overall, this would be subject to the discretion of the Attorney General of Malaysia to prosecute the franchisor. To date, there is no reported case of any franchisor being prosecuted under the Franchise Act 1998.

(v) Introduction of the definitions of “subfranchise” and “subfranchisee” into the Act
“subfranchise” is now defined as a franchise granted by a master franchisee to a subfranchisee for business purposes under the Act, while “subfranchisee” is defined as a subfranchise holder. However, there is no specific provision introduced for subfranchise and subfranchisee. 


A new report by Amnesty International has warned that Facebook and Google’s omnipresent surveillance of billions of people poses a systemic threat to human rights. Is it time for a radical transformation of the tech giants’ core business model?

Produced by: Juliet Jacobs
Presented by: Tee Shiao Eek, Juliet Jacobs, Sharmilla Ganesan

LexisNexis Malaysia – The Lawsome Profession

I was featured in LexisNexis Malaysia’s Lawsome Profession series. This series features interviews of Malaysian lawyers in their respective professions.

Interested to know more about #IntellectualProperty and #Cyberlaw ?

Foong Cheng Leong is the Partner at Foong Cheng Leong & Co. He focuses in the areas of Intellectual Property and Information Technology, Cyberlaw, Franchising, Data Privacy and Gaming Law. Cheng Leong is also a registered trademark, industrial design and patent agent. He is the Chairman of the Kuala Lumpur Bar Information Technology Committee and a member of the Malaysian Bar Intellectual Property Committee. He regularly assists the KL Bar and the Malaysian Bar on matters regarding Intellectual Property, Internet Law and Data Protection.

“When I first joined Lee Hishammuddin and Allen & Gledhill as a pupil, I was assigned to the Intellectual Property (IP) department and I got retained in the department after my pupillage. I didn’t have the opportunity to try other practice areas although I wanted to do litigation. However, IP was interesting to me because I got the opportunity to do corporate IP involving trademark, copyright, trade secrets, patents, and other intangible rights for many services and products, as well as IP litigation where it involves dispute matters. A senior partner once reviewed my CV and saw that I could build websites and suggested that I try out Information Technology and Cyber Law. I did and I’ve not looked back since. He also encouraged me to start writing articles on it and contribute them to the Bar website.

IP is my bread and butter. In my firm, we do a lot of IP and trademark registration, patent, industrial design and copyright matters. Our work includes protecting clients who get sued for infringement, registering and protecting their IP overseas, franchising and licensing. To practice IP, you need to understand the nature of a commercial transaction, intangible rights and basic contract law. IP has a lot of aspects to it: you can be a corporate IP lawyer, litigator, criminal where you represent people who are charged with counterfeiting, and even an administrator where you ensure the IP is registered. It is a very established area; we have IP cases dating to the 1800s. Even in China, there are trademark cases dating 300-400 years back. There are many materials that you can read.

IT and Cyber Law is a new area of law and it’s very interesting because it comes with all sort of issues. For example, we have been asked to file court action to discover identity of a person behind a social media account, advise client on how to take down private photos of themselves, how to block a website or close it, and even getting Facebook to share information of a deceased person.

For you to excel at IT and Cyber Law, it’s important to understand technology. You need to understand how computers and networks work, how the technology works, what is an IP address, what is a timestamp, you need to understand all the tech jargons, and these are the things that you don’t get to read in a law book. You also have to be tech-savvy. I had a case where the client was charged for deleting the database of his company. He said he didn’t do it, but evidence indicated that he did. I managed to figure out that his IP address at the time was dynamic, and that anyone could access his account from anywhere. From there, we cross-examined and the internet service provider and they confirmed that to be true. We also found that his computer was stored by a third party at that point of time, so he couldn’t have done it.

From young, I was interested in how electronics worked and how things connected to one another. I used to take my CPU apart and install it again. I even took apart my parents’ video cassette recorder and alarm clock, I also learnt how to build a computer network. It helped me to understand how electronics work, for example, why there is a chip, transistor, or power supply. From there I understand that if I want to connect to the internet, I need a modem. If I want to build a network, I need a hub, and if I want to store data outside the hub, I need a server. Back then, we didn’t even have Google to search for all these!

I think the law should catch up with technology. For example, how do you get information of people who defame you online? People are using all sort of avenue to hide themselves and they use servers and providers outside of Malaysia. How do we ensure we can make it easier to get information? One thing we can do for this is to get a Treaty signed by all countries. For example, if the legal system requires a citizen of a certain country to provide information, the government should be able to release it based on certain safeguards. So far, we don’t have such law and it’s very difficult and expensive to get data because everyone is very protective of their data. Only the rich could afford to get the information.

I think it’s important for young lawyers to write a lot of articles, participate in talks and be out there to show their skills. Personally, I like to share my knowledge and information through articles. As a lawyer, we should share information with our peers, we shouldn’t be stingy because the more you share the information, the more we will push for law reforms, then more people will know about it and it allows more people to seek compensation if they are the victims or aggrieved parties.”

More: Video Interview

1 2 3 4 5 34  Scroll to top