At the end of last week, we reported that the Malaysian Communications and Multimedia Commission (MCMC), as the country's telecommunications services regulator, has ordered local telecommunications companies to provide call data and user data usage.
Today, MCMC held a session with the media to explain the details of this Mobile Data Project, and its collaboration with DOSM and other government agencies.
First is regarding the Mobile Data Project itself, or Mobile Phone Data Project (MPD). MPD is basically a type of data source that can be utilized by various parties for various purposes such as developing databases to facilitate the publication of various types of censuses and statistical reports. This matter has been confirmed by the United Nations itself along with telecommunications bodies such as GSMA and ITU.
The Department of Statistics Malaysia (DOSM) explained that existing census techniques, which typically include producing and reviewing survey questions, take a very long time, and because of this, many of the censuses they conduct are only released every few years, and become outdated very quickly.
The MPD method has also been used by other countries such as Indonesia, Japan, Estonia, the Netherlands and South Korea for certain purposes as early as 2011, and now, to optimize and speed up the process of calibrating national censuses and statistics, the DOSM and MCMC want to work together to leverage this method.
The DOSM, together with several other government agencies, including MCMC, the Ministry of Tourism, the Ministry of Economy and local telecommunications companies have agreed to use the MPD method to see its effectiveness in speeding up the process of producing local censuses and statistics.
According to the MCMC, the MPD Project has been mandated by the Malaysian Cabinet since April 2023, and throughout these two years, until two months ago, the MCMC, the Ministry of Economy, DOSM and telecommunications companies have held discussions on the best way to utilize this MPD data by government agencies such as DOSM.
From the briefing, the MCMC also said that the data collected from local telecommunications companies does not contain any personal details of users. In fact, from the sample data shown to the media, the details received by MCMC include:
MSISDN (anonymized user subscription number)
Tower ID
Tower latitude and longitude
Time and date the towers were accessed from the device
Type of data accessing the towers (CDR and IPDR (call and IP data, no details provided)
Network type (2G, 3G, 4G, 5G)
Country code (to see if it is a local or international number)
According to MCMC, and confirmed by telecommunications companies, no personally identifiable information was provided to MCMC, and details such as MSISDN were encrypted to ensure that the data could not be traced by anyone.
In fact, part of the discussion that has taken place over the past two years has been to determine the type of data that can be sent to MCMC before it can be accessed by DOSM.
If you are confused about how this data is sent to MCMC, part of the PDPA 2010 (Personal Data Protection Act 2010) which ensures that the digital details of telecommunications service users cannot be disseminated arbitrarily.
And if you are also confused about why this user data is sent to the MCMC, this is because the data sent is anonymous and tracking only stops until access to the network transmitter tower, and not until the user's device, and therefore is not covered by the PDPA law.
In the meantime, the DOSM, which requests to use this data, can only access this data via API calls through the MCMC. In short, the MCMC acts as an intermediary between the DOSM and telecommunications companies to access data for their pilot project of census production and statistical reports.
However, the MCMC has assured that the data details received from telecommunications companies are stored on the MCMC premises itself, and not through cloud storage to ensure that this data can only be accessed by authorized parties, whether physically or digitally.
In terms of the data retention period, the MCMC also confirmed that when the DOSM pilot project is active, the data will be stored by the MCMC for