KUALA LUMPUR, Aug. 28 -- In an age of phishing, spam bombardment and potential scams, protecting personal data has never been more crucial.

That's why the Personal Data Protection Act 2010 (PDPA) exists - its function is to protect the public from the misuse of their personal data through a set of principles that data controllers (or organisations or businesses that process personal data) must follow.

But what exactly is personal data? According to Malaysian Bar Council Personal Data Protection Committee's chairperson Sathish Ramajandran, any information that can identify a person is considered personal data.

"That includes things such as name, email address, phone number, age, address, date of birth, IC number, photographs - these are...