Cracking down on cybercrime without cracking civil liberties | WN24

Shahul Hamid said the framework could help ensure that cases involving fraud, identity theft, or cyberbullying are supported by reliable digital evidence, while also safeguarding civil liberties.Shahul Hamid said the framework could help ensure that cases involving fraud, identity theft, or cyberbullying are supported by reliable digital evidence, while also safeguarding civil liberties.

PETALING JAYA: Cybercriminals today don’t wait—and neither can authorities. With scams and digital crimes striking rapidly, both locally and across borders, enforcement agencies are racing against time. 

To stay ahead, they need swift access to key digital evidence—such as who messaged whom, when, and how—while ensuring civil liberties are protected.

Criminology veteran Datuk Shahul Hamid Abdul Rahim welcomed the Malaysian Communications and Multimedia Commission’s (MCMC) Proposed Regulatory Framework,  calling it “timely” and crucial for strengthening digital crime enforcement while safeguarding civil liberties.

He emphasised that a clear legal framework brings much-needed certainty to both law enforcement and the public. 

“It defines how communication data should be retained, preserved, and accessed during investigations. This is vital for ensuring that cases involving fraud, identity theft, or cyberbullying are supported by reliable digital evidence, while also protecting civil liberties. 

“Without it, enforcement efforts risk being legally challenged and public trust may decline,”  said Shahul Hamid, who shared his insights with The Star when contacted about MCMC’s open consultation for the framework.

Shahul Hamid added that the framework’s focus on retaining only specific, relevant data—accessed strictly through legal channels—would be a critical asset in tackling complex online threats.

“It allows enforcement agencies to trace digital footprints effectively while minimising the risk of misuse. Clear retention periods and disclosure protocols also enhance operational efficiency.”

Balancing national security and individual privacy, he said, hinges on transparency and accountability. 

“Judicial oversight, data minimisation, and audit trails must be built into the framework. The public needs assurance that data will only be accessed when necessary and for legitimate purposes.”

He also acknowledged the practical challenges, including industry readiness, data security risks, and public concerns over privacy. 

“To address this prudently, there must be open dialogue with stakeholders, a phased rollout, and government support for smaller service providers to build compliance capacity.”

On the importance of public consultation, Shahul Hamid said it plays a key role in ensuring transparency and legitimacy. 

“When dealing with sensitive issues like data privacy, consultation allows the framework to reflect Malaysia’s legal, social, and technological realities. It ensures inclusivity and strengthens public confidence.”

Encouraging members of the public to take part in the consultation, Shahul Hamid said: “The draft framework will be made available on MCMC’s website. Feedback can typically be submitted via email, online forms, or through consultation sessions. 

“To ensure broad participation, MCMC should actively promote the consultation through social media and awareness campaigns.”

Fong urged MCMC to organise both virtual and physical forums to engage the public and experts directly.Fong urged MCMC to organise both virtual and physical forums to engage the public and experts directly.

Cybersecurity expert Fong Choong Fook said MCMC’s proposed framework is designed to provide just authorities with the right tools, legal clarity, and faster processes to trace digital trails and act before serious harm is done.

“Today’s cybercrime is fast, covert, and often originates overseas. Authorities need timely access to digital data to keep pace with increasingly sophisticated threats,” said Fong, managing director of LGMS Bhd—one of Malaysia’s leading cybersecurity companies

He cautioned that, without a clear legal framework, digital investigations risk entering a grey area. “In cases such as scams or cyberbullying, a defined framework sets out what can and cannot be done—offering clear guidance to telcos, law enforcement, and the public, while ensuring accountability.”

Fong also welcomed MCMC’s public consultation as a timely step towards building trust. “Consultation helps break the ice and build confidence. When people, experts, and companies are invited to give input, the result is usually more balanced and practical.”

He added that the government’s openness sends a positive signal and could reduce backlash. To go further, he urged MCMC to organise both virtual and physical forums to engage the public and experts directly.

Fong also pointed to practical challenges. Smaller telcos may lack the capacity to store and secure large volumes of data, and strong cybersecurity safeguards will be essential. “The government may need to offer financial or technical support. Securing sensitive data is a significant responsibility.”

He acknowledged public concern about potential government overreach. “Clear, ongoing communication is critical. Even well-intentioned policies can face scepticism if the public doesn’t understand their purpose.”