No, sharing passwords in Malaysia is generally illegal under the Computer Crimes Act 1997 and Personal Data Protection Act 2010, risking fines up to RM500,000 or imprisonment. Unauthorized access violates Section 3 of the former, while data breaches under the latter attract penalties from the Personal Data Protection Commissioner. The Malaysian Communications and Multimedia Commission (MCMC) actively monitors cybersecurity breaches, with stricter enforcement anticipated under the Cybersecurity Bill 2024 (effective 2026).
Key Regulations for Sharing Passwords in Malaysia
- Computer Crimes Act 1997 (Section 3): Criminalizes unauthorized access to computer systems, including password sharing, with penalties of up to RM50,000 or 5 years’ imprisonment.
- Personal Data Protection Act 2010 (Section 132): Prohibits unauthorized disclosure of personal data, including credentials, with fines up to RM500,000 or 3 years’ imprisonment for breaches.
- Cybersecurity Bill 2024 (Draft): Expands liability to include negligent password sharing, with MCMC empowered to impose administrative fines up to RM10 million for systemic failures.
Corporate entities face vicarious liability under the Companies Act 2016, while financial institutions must adhere to Bank Negara Malaysia’s Risk Management in Technology guidelines, which explicitly prohibit credential sharing. Exceptions exist only for authorized IT administrators under controlled protocols, subject to documented approvals.