LETTERS Imagine taking your smartphone or laptop for a routine repair, trusting that your personal data remains secure.
Now picture that same data, such as intimate photos, bank details or private messages, being accessed, copied, or even leaked without your knowledge.
This is a growing concern, as revealed by a recent undercover investigation by a media outlet in Singapore. The investigation used 40 devices embedded with hidden screen-recording software to monitor the activities of technicians.
The findings were both alarming and revealing. Technicians were caught browsing through private files, including personal photos, pay slips and email accounts. Sensitive data, such as passwords and financial details, were copied onto external devices.
Several technicians attempted to erase browser histories and activity logs to conceal their misconduct.
This issue extends beyond Singapore. A 2022 study, titled No Privacy in the Electronics Repair Industry, uncovered similar breaches in North America, where technicians routinely accessed, hacked or stole personal data.
Investigative reports by The Register, a reputable technology news outlet, have corroborated these troubling practices, underscoring the global scope of the problem.
In Malaysia, the risk of data breaches during tech repairs of devices is particularly concerning. Many consumers opt for inexpensive third-party repair shops, often unaware of the security risks involved.
Mobile phones and laptops hold vast amounts of sensitive data, from financial records to personal photographs. A single breach can result in identity theft, financial fraud, or public embarrassment.
CyberSecurity Malaysia reports that cybercrime, including data breaches, has cost the nation RM21 billion over the past five years.
To protect data, one should create backups and delete sensitive files before handing over their devices for repair. Use encryption tools to secure private information, which makes it more difficult for unauthorised access to your digital devices.
Use strong, unique passwords and two-factor authentication. Opt for authorised service centres or those with clear, transparent privacy policies, even if they cost more. The government and industry leaders must also act to strengthen regulations and enforce accountability within the repair industry.
Among the recommended actions include:
1. Amend the Personal Data Protection Act (PDPA): Introduce specific provisions addressing the electronics repair industry, with stricter penalties for breaches.
2. Mandatory Privacy Policies: Require repair shops to clearly display policies on how customer data will be handled.
3. Technician Training and Licensing: Implement mandatory training on data ethics and introduce licensing requirements for repair shops.
4. Regular Audits: Conduct routine inspections of repair shops to ensure compliance with data protection standards.
5. Consumer Awareness Campaigns: Launch public education initiatives to raise awareness about the risks of data breaches and preventive measures.
6. Centralised Reporting System: Establish a platform for consumers to report data breaches and hold violators accountable.
DR MANIVANNAN RETHINAM
Chairman,
Majlis Gagasan Malaysia
The views expressed in this article are the author's own and do not necessarily reflect those of the New Straits Times
