MYDigital – One year on…

By Edika Amin | January 14, 2022, 5.00pm SGT

Photo by Chander Mohan on unsplash


On February 19, 2021, the then Prime Minister Tan Sri Muhyiddin Yassin officially launched the MYDigital – the Malaysia Digital Economy Blueprint; a plan that has been in the works even before his Perikatan Nasional coalition took power. Nevertheless, the plan was hastened as the Malaysian Government quickly realized digitalization needed to be a key pillar if Malaysia is to recover from the effects brought forth by the COVID-19 pandemic. In essence, MYDigital is aimed to helping Malaysia successfully transform into a high-income nation and a regional leader in an economy that is digitally driven. Among immediate targets of the plan when first launched included providing students access to online learning, enhancing digital literacy and increasing take up of digital technologies among micro small and medium enterprises (MSME).

The blueprint consists of three phases – short-, medium- and long-term targets over a span of 10 years. The phases are as follows:

  1. Phase 1: focusing on services within the Federal government (2021-2022)
  2. Phase 2: focusing on services between the Federal and state governments (2023-2025)
  3. Phase 3: focusing on selected private company services (2026 – 2030)

With an overarching goal of:

  1. Rakyat
  • Creation of 500,000 new jobs;
  • 100% households with access to internet
  • All students to have access to online learning
  1. Businesses
  • 30% uplift in productivity across all sectors by 2030
  • 6% of digital economy contribution to Malaysia’s GDP
  • 875,000 micro, small and medium enterprises (MSMEs) adopt eCommerce
  • Attract 2 unicorns (home-grown or foreign)
  • RM70 billion investment in digitalization
  • Increase the number of start-ups to 5,000
  1. Government
  • 100% civil servants to possess digital literacy
  • 80% end to end online government services
  • All ministries and agencies to provide cashless payment option by 20222
  • 80% usage of cloud storage across Government in 2022

MyDIGITAL Corporation also known as the Strategic Change Management Office (SCMO) has been created and tasked to help coordinate and realize the goals set out in the blueprint.

What MYDigital got right

  1. Compliment to other Malaysian development plans: MYDigital adequately complements national development policies such as the Twelfth Malaysia Plan (RMKe-12) and Shared Prosperity Vision 2030 (WKB 2030).
  2. Clear direction: The blueprint provides better clarity on the agenda and deliverables of the Government’s Digital Economy Council by streamlining all existing digital and technology-related committees and facilitate coordination across ministries and agencies. Governance structure of the Digital Economy Council is also included in the blueprint.
  3. Aligning to regulatory best practices: A key strategy under Thrust 6 includes enhancing commitment to privacy and data protection, easing data flows and enhancing cybersecurity. This will likely begin with a revision of the current Personal Data Protection Act (2010) to bring it aligned to today’s needs followed by revisions in the Digital Signature Act, Communications and Multimedia Act, Computer Crimes Act and Official Secrets Act.
  4. Promote digitalization: Malaysia aims to attract both local and foreign investments worth RM70 billion. The Government will likely continue to push digitalization grants such as those via the ePenjana initiative. Another key initiative was the creation of the Digital Investment Office headed by both the Malaysia Digital Economy Corporation and Malaysian Investment Development Authority which will see cross-collaboration from two different Ministries.

Where to now?

Malaysia remains in Phase 1 with focus on the Federal Government. It is understandable that total lockdowns in 2021 coupled with natural disasters such as flooding has largely derailed Malaysia from acquiring more tangible results aside from the announcement Malaysian Administrative Modernisation and Management Planning Unit (MAMPU)’s Government hybrid cloud and subsequent empanelment of four commercial Cloud Service Provider (CSP) Panels, namely Microsoft, Google, TM and Amazon Web Services (AWS).

In 2022, we anticipate that the Government will continue to emphasize public sector digitalization efforts and look to develop more tech ready talent. Nevertheless, there are still some components lacking if Malaysia is to achieve the goals for the Government in particular the 80% usage of cloud storage across Government in 2022. Among them include:

  1. Lack for proper data classification: In 2021, the Chief Government Security Office (CGSO) released an Information Security Guidelines for The Use of Cloud Computing in The Public Sector. However, the Guideline appears to be a compilation of existing guidelines on CGSO’s views on cloud computing and usage in the public sector. CGSO’s preference remains rather orthodox; where public cloud is a model suitable for the storage of open data and non-sensitive official information only. However, this was caveated in the guideline as subject to change based on Government’s directive. In their current view, the use of cloud computing such as information sharing, data processing, etc. for official secret purposes is not allowed at all except cloud computing developed and authorized by the Government and subject to instructions issued by the Government from time to time. In addition to this, the classification continues to build on Government’s document classification framework. If Malaysian Public Sector is to reap the total benefits of cloud, a fundamental change in classification will be required.
  2. Lack for clarity on data localization policies: It remains to be seen at this juncture if Malaysia would like to pursue data localization nor has there been any indication from the Government. The fact remains that MAMPU’s MyGovCloud@PDSA can only accommodate roughly 25% of the public sector needs in cloud. Therefore, MAMPU requires the assistance of public cloud to complement MyGovCloud@PDSA for a minimum period of five years, this is the key reason why the RFP for cloud empanelment was released in September 2020. The question now remains if private firms see Malaysia as a viable market to look and invest in local data centres in Malaysia or will Malaysia’s public sector lose out on leveraging on the capabilities of more experienced CSPs.
  3. Contradictory policies on Cloud: Malaysian Communications and Multimedia Commission (MCMC) announced their intention to license CSPs starting January 2022. This proposal to license remains a journey and the reasoning behind the MCMC goal is to address the following concerns:
  • How does Malaysia protect personal data as it travels through the network (PDPA only covers travel from source);
  • How law enforcement agencies undertake enforcement activities especially when dealing with data centres;
  • People hosting illegal activities which is a security concern to the country; and
  • How to build trust?

While the intention of MCMC to improve the security of cloud services is commendable the licensing does subject CSPs with local presence to additional compliance requirements, which may impact existing businesses and may stifle innovation and investment. While this journey remains new, it will be interesting to see how this implementation may impact cloud usage in Malaysia.

Posted in

Related Articles

Outcomes from early US Presidential Debate: What’s Next?

Outcomes from early US presidential debate: What’s Next? 28 June 2024, By Grey Pilarczyk   CNN just concluded its first Biden-Trump debate of the 2024 election cycle, eliciting very mixed reactions. The debate largely consisted of Biden defending the record of his first term while Trump vowed to dismantle Biden’s policies on matters such as […]

Indonesia’s Jeopardized Digital Freedoms – A Case Study in Spyware

By Grey Pilarczyk Indonesia has long had a mixed human rights record, particularly regarding the online activity of Indonesians. In recent years, political activists and independent media outlets in the country have faced a barrage of digital threats and cyber-attacks. On May 1st, Amnesty International released a stunning report detailing Indonesia’s use of highly invasive […]

Unpacking the EU AI Act: An ASEAN Perspective

By Nigel Hee The European Union (EU) recently unveiled the Artificial Intelligence Act, a novel piece of legislation that aims to regulate the development, deployment and use of artificial intelligence (AI) systems within the EU. The Act is predicated on a risk-based approach, classifying AI systems into different risk categories and imposing corresponding obligations and […]