A recent report has raised serious questions about how much of our personal phone data may be heading straight into the hands of authorities. According to the South China Morning Post (SCMP), Malaysia's telecom companies have allegedly been asked by the Malaysian Communications and Multimedia Commission (MCMC) to hand over highly detailed user data – including call records, internet activity, and even GPS coordinates – as part of a government project.

What Is the "Mobile Phone Data" Project?

The request reportedly stems from something called the Mobile Phone Data project. The initiative is not yet publicly disclosed in full, but if SCMP's sources are accurate, it seems to involve comprehensive metadata collection.

In April 2025, MCMC allegedly sent a formal letter to telcos instructing them to submit phone usage records for the first quarter of the year. These records include:

According to the report, companies were warned that non-compliance could result in penalties – including a fine of up to RM20,000 or even six months in jail under the Communications and Multimedia Act.

Is This Legal? And Who's Asking the Questions?

One unnamed telco source quoted by SCMP expressed concern not just about the scale of the request but also the lack of clarity surrounding it. The source said, "We have asked MCMC about transparency and accountability for the use of the data. We don't know if MCMC will make a public statement that such an exercise is under way."

That's the heart of the issue: it's not just about what's being asked for, but why and how. As of now, the public has been left in the dark.

A Country Already On Edge About Data Security

This news arrives at a time when public trust in data security is already shaky in Malaysia. Just recently, Home Minister Saifuddin Nasution's personal WhatsApp account was hijacked by an unknown party, prompting security alerts nationwide.

And if we rewind a bit further – many Malaysians still remember the 2017 megabreach that saw private information of 46.2 million mobile users leaked and sold on the dark web. That breach didn't just affect telco customers; it also involved leaked data from medical councils and associations, including:

It was a painful reminder of how vulnerable personal data can be, and why transparency from data holders – and regulators – is so important.

What Privacy Advocates Are Likely to Say

Given the history and the growing concerns, privacy experts are expected to press the government on several fronts:

When citizens don't know why their data is being collected or how it will be used, trust erodes quickly – and rightly so.

Should We Believe the Report?

It's important to note that the MCMC has not yet issued any public response to the SCMP article. Until an official statement is made, it's wise to take this news with caution – not because it can't be true, but because the full story might still be unfolding.

That said, if the report is accurate, this raises big questions about the balance between national interest and individual privacy – and whether Malaysians are being asked to accept too much, too quietly.

Bottom Line: Whether you're a privacy advocate or just an average user, this report is a wake-up call. If data like your call history and location are on the table, Malaysians deserve to know exactly why – and what's being done to protect it.