Things you need to know about Malaysian e-commerce legislation

2017 had been a crucial year for e-commerce in Southeast Asia. We saw the intense race between Alibaba and Tencent, the Uber and Grab  and we all know who won that war . On top of that, Google & Temasek estimated the region digital economy worth US$50 billion last year.

Though Google & Temasek did not release any country specific figures, the Malaysian e-commerce have been one of the major contributors to that number.  The country 2018 e-commerce are expected to generate an impressive US$1.3 billion in revenue according to Statista.


Know the country e-commerce law

With the rise of e-commerce, the interest from entrepreneurs are increasing and there are laws need to be abided. Malaysia already implemented a comprehensive suite of e-commerce law in place, based on a combination of Electronic Commerce Act 2006 and the Electronic Government Activities Act 2007.

There are also several other laws that were enforced to ensure the stability of the country e-commerce. Let’s get to know them:


  1. Malaysia have electronic transaction law

It is called The Electronic Commerce Act 2006 and it is the key source of electronic commerce regulation for private sectors. The law is complemented by the Electronic Government Activities Act 2007 which applies similar rule to the public sector. Believe it or not, the law closely mirrors the United Nations Electronic Communications Convention.

Malaysia also has specific laws for digital signatures – The Digital Signature Act 1997. The legal framework later was strengthened by way of The Digital Signature (Amendment) Act 2001.


  1. Malaysian law protects the consumer

The Consumer Protection Act 1999 is a general consumer legislation that protects consumers against a range of unfair practices and appose minimum standard for products.

In recent years, the law was amended in 2007 to widen its scope to cover electronic commerce transactions. Malaysia again amended the law in 2010 and added a new provision on general safety requirement for services and the protection to consumers from unfair terms in a standard from contact. Aside from protection, the objective is to increase the consumers’ confidence to shop and trade online.


  1. A law that protects privacy and data protection

Government agencies are excluded from this law and The Personal Data Protection Act 2010 only covers the private sector only. The law mirrors the principles on the European Union directive, it adopt parts of the APEC Privacy Framework as part of its variation. However, the act does not contain any European Union style registration requirements.

The act came into full force on 1 January 2013 as a new government department (Personal Data Protection Department) was established to facilitate the implementation of the law.


  1. Online content regulation

Communication and Multimedia Act 1998 has established the Malaysian Communications and Multimedia Commission (MCMC), which helps to empower the regulation of the information technology and communications industries.

The act regulate online speeches, providing that ‘no content applications service provider, or other person using a content applications service, shall provide content which is indecent, obscene, false, menacing, or offensive in character in intent to annoy, abuse, threaten or harass any person’.


  1. Cybercrime and cybersecurity

These 4 categories of activities are prohibited when it comes to The Computer Crimes Act 1997, which are

  • Section 3: Acts committed with the intent to secure unauthorized access to programs or data stored in any computer.
  • Section 4: Acts committed with the intent to secure unauthorized access to programs or data store in any computer in order to commit an offense involving fraud or dishonesty.
  • Section 5: Acts committed with the knowledge that that the act will cause unauthorized modification of the contents of any computer.
  • Section 6: Wrongful communication of any password, code or means of access to a computer to any person who is not authorized to receive the same.

These provisions are more aligned with computer crimes, rather than cybercrimes. However, the provisions contained in e-commerce laws and copyright laws (updated and amended in 2012) which complement Malaysia’s cybercrimes legislation and make them compatible with international standards.