Following reports that the Malaysian Communications and Multimedia Commission (MCMC) ordered telcos to hand over mobile network usage data from the first quarter of 2025, Malaysia’s major telecom operators and the regulator have reassured the public that personal data and privacy remain fully protected.
The news, initially reported by South China Morning Post, revealed that MCMC requested telcos to provide call records, IP call logs, and location data as part of its Mobile Phone Data (MPD) project, which aims to generate detailed statistics to inform policy decisions in ICT and tourism sectors. The request raised privacy concerns due to lack of public disclosure and rising cyberattack risks in Malaysia.
In response, the MCMC clarified that all data collected for the MPD project is strictly anonymised, contains no personally identifiable information (PII), and is used solely for statistical purposes. Telcos may either process the data internally or allow MCMC to do so, but anonymisation happens before the regulator receives it. The MPD initiative is conducted in collaboration with the International Telecommunication Union (ITU) and the UN Committee on Big Data and mirrors similar projects in countries like Indonesia and Brazil.
Separately, CelcomDigi, Maxis, U Mobile, and YTL Communications each affirmed their commitment to data privacy and compliance with Malaysia’s Communications and Multimedia Act and Personal Data Protection Act. They stated that the MPD data shared is anonymised, aggregated, processed within secure environments, and that no PII is ever accessed, shared, or processed during this data submission.
