top of page

Episode 4: Rights to Privacy

Welcome to UM Consti Team's fourth and last episode of law review in 2020! In this episode, we are discussing about the concept of rights to privacy in Malaysia! We are excited to share our ideas and hopefully, inspire you through our law review! Here we go!


Assuming your neighbour is installing a CCTV in front of his house, which your house is also visible to, is it possible for you to halt him? What about receiving messages from the Minister of Health on current news pertaining to the pandemic? Can you then expostulate, averring your rights to privacy? The veracity is, in some circumstances, it is not that facile for you to successfully claim for your right to privacy. Hence, this article seeks to elucidate on the issue of right to privacy in Malaysia as well as internationally.

Foremost, Article 12 of the Universal Declaration of Human Rights (UDHR) and Article 17 of the International Covenant on Civil and Political Rights (ICCPR) recognised the right to privacy as being cardinal to one’s life. Irrefragably, it touches the essence of human personhood as it entitles us to negotiate who we are and how we want to interact with the world around us. Furthermore, the Calcutt Committee deciphers privacy as the right of an individual to be protected against intrusion into his personal life or affairs, or those of his family, by direct physical means or by the publication of information (Calcutt Committee, 1989). Despite that, right to privacy generally encompasses the right to be left alone, to exercise control over one’s personal information, and to fortify one’s dignity and autonomy (Salleh Buang, 2015).

One may ask, why is it salient to raise this issue? Indubitably, privacy enables us to create barriers and manage boundaries to protect ourselves from unwarranted interference in our lives, which we are dealing with on a daily basis. It allows us to establish boundaries to limit who has access to our bodies, places and things, as well as our communications and information (Privacy International, 2017). For instance, the Ministry of Health had recently assured the public to not fret as their personal details in MySejahtera app are secured as the app complies with global standards to protect the confidentiality and security of the data (Ida Lim, 2020). This delineates that our country, in certain circumstances, does recognize the right to privacy.


i) Position under the Federal Constitution

Even though the right to privacy is not a fundamental right expressly guaranteed by the Federal Constitution (Foong, 2011), it has received judicial recognition under Article 5(1) in the Federal Court case of Sivarasa Rasiah v Badan Peguam Negara. In Sivarasa, the appellant was barred by Section 46(1) of the Legal Profession Act 1976 for intending to serve as a member of Parliament and as an elected member of the Malaysian Bar Council simultaneously. He challenged the constitutionality of Section 46A(1) for violating his right to personal liberty under Article 5(1) which prescribes for deprivation of life and personal liberty in accordance with the law. On the point of law, Gopal Sri Ram FCJ (as he then was) held that ‘personal liberty’ in Article 5(1) must be conferred with broad interpretation and ‘personal liberty’ includes the right to privacy. Nevertheless, it is noteworthy that such principle is merely an obiter as the court eventually ruled against the appellant as there is a valid restriction in accordance with the law (Shaiful & Usharani, 2017).

A turning point seems to arise subsequently in the case of Muhamad Juzaili v State Government of Negeri Sembilan. In adjudicating the constitutionality of Section 66 of the Syariah Criminal Enactment (Negeri Sembilan) 1992 which criminalized cross-dressing among Muslims, the Court of Appeal adopted the decision in Sivarasa in holding that there are other freedoms embedded in ‘life and personal liberty ‘of Article 5. The court also went a further step to import an Indian Supreme Court’s ruling to hold that the right to privacy is part of Article 5(1) of the Federal Constitution. Unfortunately, Juzaili was reversed by the Federal Court on the ground that a leave was required prior to the determination on the issue of constitutionality but there was no comment on the substantive reasoning. Hence, we argued that the reasoning may still be applicable in the future cases, resulting in the express recognition of right to privacy under the constitution.

Is the right to privacy under the Federal Constitution actionable against another individual?

Notwithstanding the recognition of this right, the court in Beatrice Fernandez v Sistem Penerbangan Malaysia laid down the rule that constitutional law will not take cognizance of the rights of a private individual that are infringed by another private individual as the very concept of ‘fundamental rights’ involves State action. Hence, the right of privacy is not actionable unless there is invasion of individual rights by the State (Foong, 2011).

ii) Position under tort law

The High Court ruled in Ultra Dimension v Kook Wei Kuan that since the English common law does not recognize privacy rights, there is no cause of action for invasion of privacy. This decision is subsequently affirmed by the Court of Appeal in Dr Bernadine v MPH Magazine whereby the court similarly held that the general right of tort of privacy is not developed in Malaysia. From the aforementioned two cases, our Malaysian courts seem to have completely denied any right of privacy in tort, but the subsequent cases reveal some limited yet positive development in respect of women’s modesty (Shaiful & Usharani, 2017).

There have been some arguments that the Court of Appeal in Maslinda bt Ishak v Mohd Tahir has implicitly paved the way for tort of privacy by holding the respondent who took pictures of the female appellant urinating liable for violating privacy (Farah et al., 2020). However, it is noteworthy that the case never expressly or impliedly recognized the invasion of privacy as an actionable tort. Even so, invasion of privacy soon received its first recognition as an actionable tort in Lee Ewe Poh v Dr Lim Teik Man. The High Court relied on Maslinda Ishak and ruled that invasion of privacy right is actionable notwithstanding that it is not a recognized breach in tort under the English common law. However, this judgement is fraught with controversy as indicated by the subsequent cases.

Maslinda and Lee Ewe Poh are followed by the High Court in Lew Cher Poh v Phua Yong Yong. The court further commented that the views presented by Ultra Dimension are not keeping in time and that the court must give recognition to the right to privacy as it is a fundamental right. Nevertheless, the High Court in Mohamad Izaham v Norina Binti Zainol pointed out that the learned judge in Lee Ewe Poh’s case erred in relying on Maslinda as the invasion of privacy in the case was evidenced by negligence and that the court was never clear in point on whether invasion of privacy is an actionable tort. Another different view is propounded by M Mohandas Gandhi v Ambank whereby the law in Malaysia has recognized a cause of action in invasion of privacy as held by the Maslinda and followed by Lee Ewe Poh but it is limited to matters of private morality and modesty.

Regardless of the different interpretations on the Lee Ewe Poh case, one should bear in mind that they do not bind each other as all three are High Court cases. What remains clear is that there is direct and express affirmation by the Court of Appeal in Dr Bernadine that the law does not recognize invasion of privacy as an actionable tort. Unless and until the Federal Court makes a ruling on this matter, the law as it stands now is that no such actionable tort for invasion of privacy can arise.

iii) Statutes

In Malaysia, right to privacy is also acknowledged by a few other statutes. To illuminate, the main legislation governing right to data privacy in Malaysia is the Personal Data Protection Act 2010 (‘the PDPA’).

On 3 May 2017, Khas Cergas Sdn Bhd, the company which owns Victoria International College was charged in the Sessions Court for processing personal data of the former employee without a valid certificate of registration issued by the Personal Data Protection Department (PDPD) (Mageswari, 2017). Specifically, this case breached s.16(1) of the PDPA which requires the data users to register the applicant and issue a certificate of registration by the PDPD. The offence was allegedly committed by the company at its premises on June 6, 2016. After the Sessions Court judge, the charge which under s.16(4) of the PDPA claimed on conviction, the company would be liable to a maximum fine of RM 500,000 or imprisonment up to three years, or both (Attorney General’s Chambers of Malaysia, 2016).

Albeit that, as delineated lucidly in the preamble of the PDPA, it does not provide for the protection of any other types of privacy than the processing of personal data in commercial transactions. For instance, “there is no recourse under the PDPA if your neighbour decides to spy on you by gazing into your bedroom through binoculars” (Five Things About Privacy Laws in Malaysia, 2019, para. 8). To further clarify, in Ultra Dimension Sdn. Bhd. v Kook Wei Kuan, it was held that the invasion of privacy rights is not actionable in Malaysia, unless the content was so highly offensive in nature and depicted a person in an ignominious position or pose.

Apart from that, s.509 of the Penal Code (the ‘PC’) provides criminal sanctions for insulting ‘the modesty of any person’ or ‘intruding upon the privacy of any person’ by uttering any word, sound or gesture, or exhibiting any object, intending that such word or sound shall be heard, or that such gesture or object shall be seen by such person. In Pendakwa Raya v Nor Hanizam Bin Mohd Noor, the accused was charged under s.509 of the PC for mortifying the modesty of his wife’s cousin, who was also a Muslim. In this case, the High Court ruled that the respondent’s disdainful acts of recording the victim’s video while she was taking a bath and subsequently disseminated it to a Whatsapp group joined by his family and the victim as well, had blatantly infringed upon her right to privacy as enshrined under the provision. The court in applying the section, had set aside the Magistrate Court’s order to imprison the respondent for merely two months, by extending it to six months.

“Pertaining to data protection, ‘privacy’ can be found in S.4 of the Births and Deaths Registration Act 1957, S.9 of the Communication and Multimedia (Licensing) Regulations 1998, S.46A of the Law Reform (Marriage and Divorce) Act 1976 and S.107 of the Private Healthcare Facilities and Services Act 1998. ‘Privacy’ in these provisions is used in connection with confidentiality and security of an individual’s information, limited to the types of data under the purview of the respective legislations or regulations. Other laws with implications to privacy include the Anti-Corruption Act 1997, the Companies Act 2016, and the Computer Crimes Act 1997” (Shielding Individual Peace in Modern Times: Debunking the Efficacy of The PDPA (2010) in Protecting Data and Privacy Rights, 2020, para. 7).


Among the challenges faced by our country pertaining to this issue is that none of such legislation in Malaysia properly known as Privacy Act—which specializes in protecting the right to privacy, or at least, codifies the bigger part of this common privilege—has been officially made into laws.

This legislation becomes a need rather than a want in the time where technologies expand on a higher level in our lifestyles and sometimes, may intrude the living of many other fellow Malaysians. Examples of nation states which have already enacted such law are Australia by its Privacy Act 1988, and New Zealand by its Privacy Act 1993 (Kylie, 2019). Not only the Privacy Act prevails in the Commonwealth realm, it does have a significant place among non-Commonwealth countries such as Germany by its German Privacy Act or also known as BDSG (Bundesdatenschutzgesetz).

In the case of Malaysia, it will take time for legislators to come up and to introduce a bill for the purpose of formalizing the right to privacy in the Malaysian legal framework. Furthermore, what should not be taken for granted here is the number of Malaysian laws and regulations existing on a smaller scale in institutions around the nation which have been implicating the right to privacy for quite some time like the Security Offences (Special Measures) Act 2012 and the Anti-Corruption Act 1997. Moreover, the needed balance between order, security and privacy must be respected at all costs to ensure that there would be no side neglected in a just society of Malaysia (Nehaluddin Ahmad, 2008). This challenge, in turn, will become a deterrent and weakness in the effort of bringing a Malaysian act on privacy rights to its shape of reality.

On the other perspective, this issue can also be seen as the only way, as of now, for the Malaysian government in determining the peace and stability of the country. By holding to a bigger cause, the rather ‘smaller’ cause which is the right to privacy among citizens must be marginalized thus less legal stand or remedy compounded on this humanistic value. As a result, Malaysians are giving up their physical, information, and territorial privacy to unknown intruders and criminals as they are doing their daily living.

The ultimate reason for this situation may be traced from the lack of, or the lack restatement of, privacy right in the English law (Zainal Amin Ayub & Zuryati Mohamed Yusoff, 2007). Nevertheless, there are several commendable gestures recorded in the history—recognizing it even if the reality is they have no legal entitlement to explicitly subside a cause of action for breach of privacy in the Malaysian law—which, however, may be taken as a plan of improvement for putting forward provisions that concern on the right to privacy in Malaysia.

Firstly, it is worth to note a United States case of McVeigh v Cohen where the court explains how the privacy interests of individuals which have been ignored in the technology era sparks the ultimate necessity for the observation of statutes that are ‘explicitly protecting these rights’. In the eyes of the US law, the privacy of citizens is safeguarded and recognized under various provisions of statutes. Interestingly, this greater protection comes directly from the explicit enshrinement of privacy rights under the Fourth Amendment of the US Constitution. This measure can be taken by Malaysia if such similar vision is to be considered through gradual enforcement later.

Other than that, the judgement made in Public Prosecutor v Lee Sin Long should be heeded as it recognizes the right to privacy where it points out that “the privacy of a person in his home must be respected, and cannot be disturbed.” This similar indication should not, in any way, prevent the due process from being done accordingly as the court in Public Prosecutor v Haji Kassim stated that for the purpose of justice, a witness may submit evidence without the fear that the accused may raise the issue of privacy or protection of personal data. Where the absolute line should be drawn lies on the hands of those in power but with strict adherence to the empowerment of those forgotten privacy rights supposedly grasped by Malaysians. Yet, this should not be seen as a time where Malaysia would be regarded as late in terms of shaping its own Privacy Act to further strengthen the nation’s obligation in providing a formal statute that shall treat the citizens’ private life better.


To recapitulate, Malaysia is still undergoing the phase of equipping more comprehensive laws that not only cater to the requirement of the nation as a whole, but also for the specific needs of its citizens, including the right to privacy. We are experiencing a swift change of era where our lives are mostly influenced by various man-made inventions like the Internet of Things (IoT) that personalize how we work, study, and socialize. This technological advancement tremendously increases our vulnerability to breach of privacy and this highlights the urgency for stronger enforcement in safeguarding the rights of the people more than ever. Although there is minor progression in the protection of privacy, in particular, personal data protection, we aver that this will never be sufficient to meet the current societal demands. Hence, it is favoured that new implementations shall be inaugurated to reform our legal framework and to grant our citizens the necessary protection that they deserve.



Beatrice A/P At Fernandez v Sistem Penerbangan Malaysia & Ors [2005] 3 MLJ 681

Dr Bernadine Malini Martin v MPH Magazine Sdn Bhd and others [2010] 5 MLJ 755

Pendakwa Raya lwn Nor Hanizam bin Mohd Noor [2019] MLJU 638

Public Prosecutor v Lee Sin Long [1949] MLJ 51

Public Prosecutor v Haji Kassim [1971] 2 MLJ 115

Sivarasa Rasiah v Badan Peguam Malaysia & Anor [2010] 3 CLJ 507

Lee Ewe Poh v Dr Lim Teik Man & Anor [2011] 1 MLJ 835

Lew Cher Phow @ Lew Cha Paw & Ors v Pua Yong Yong & Anor [2011] MLJU 1995

Maslinda bt Ishak v Mohd Tahir bin Osman & Ors [2009] 6 MLJ 826

McVeigh v Cohen 983 F Supp 215, 220 (DDC 1998)

M Mohandas Gandhi & Anor v Ambank (M) Berhad & Anor [2014] 1 LNS 1025

Mohamad Izaham bin Mohamed Yatim v Norina Binti Zainol Abidin & Ors [2015] MLJU 372

Muhamad Juzaili bin Mohd Khamis & Ors v State Government of Negeri Sembilan & Ors [2015] 3 MLJ 513

Ultra Dimension Sdn Bhd v Kook Wei Kuan [2001] MLJU 751


Anti-Corruption Act 1997

Births and Deaths Registration Act 1957

Communication and Multimedia (Licensing) Regulations 1998

Companies Act 2016

Computer Crimes Act 1997

Federal Constitution

International Covenant on Civil and Political Rights

Law Reform (Marriage and Divorce) Act 1976

Penal Code

Personal Data Protection Act 2010

Private Healthcare Facilities and Services Act 1998

Security Offences (Special Measures) Act 2012

Universal Declaration of Human Rights

Online Newspaper Articles

Buang, S. (2015, Sept 3). Public Officials and Private Space. New Straits Times. Retrieved from

Ida Lim. (2020, November 19). Your personal details in MySejahtera app safe, Health Ministry assures Malaysians. Malay Mail. Retrieved from

Online Websites

Farah Nabilah, Illianie Mohd Taib, Lee, J. J. X., Nurliyana Fatihah., Song, C. W. & Xing, H. Q. (2020, April 19). Shielding Individual Peace in Modern Times: Debunking the Efficacy of The PDPA (2010) in Protecting Data and Privacy Rights. University of Malaya Law Review. Retrieved from

Foong, C. L. (2011, February 21). Right to privacy in Malaysia: Do we have it? LoyarBurok.

Lim, Z. H. (2019, Jun 24). 5 Things About Privacy Laws in Malaysia. Donovan & Ho. Retrieved from

M, M, Kobiruzzaman. (2020, September 24). Personal Data Protection Act 2010 (PDPA) in Malaysia- Case Study & Improvement. Newsmoor. Retrieved from

Journal Articles

Calcutt Committee. (1989). Report of the Committee on Privacy and Related Matters. Retrieved from

Kylie, J. C. (2019). A 21st century right? An analysis of the extent to which New Zealand's privacy act 1993 provides a right to be forgotten. New Zealand Universities Law Review, 28(4), 561-586. Retrieved from

Nehaluddin Ahmad. (2008). The right to privacy and challenges: A critical review. Malayan Law Journal, 5, 121-149. Retrieved from

Shaiful Qamar Qamar Siddique Bhatti, & Usharani Balasingam. (2017). Between Lex Lata and Lex Ferenda: An Evaluation of the Extent of the Right to Privacy in Malaysia. Malayan Law Journal , 4, xxix. Retrieved from

7 views0 comments


bottom of page