PETALING JAYA: FMT has obtained a copy of the data compiled by a Chinese data company believed to have links to Beijing’s military and intelligence operations, which contains nearly 1,400 Malaysian names including those of politicians, royalty and prominent business leaders.
The company, Zhenhua Data, based in Shenzhen, boasts of the People’s Liberation Army and the Chinese Communist Party as its main clients, according to reports from the Australian Broadcasting Corporation.
While much of the data is publicly available information, that it was compiled and sorted at all has raised the eyebrows of governments around the world, as it appears to indicate a coordinated and strategic intelligence gathering effort.
Inclusion in the list does not implicate individuals in nefarious activity, it simply implies that at some point in time they were deemed worth monitoring by the creators of the list.
The database contains information on prominent MPs and ministers, both current and former, from parties such as the DAP, MCA and Umno, and includes a party president.
The CEOs and board members of private and public companies worth billions also show up on the database obtained.
There also appear to be records kept on family members of politicians, including a descendant of a former prime minister.
Information on prominent former military personnel are also recorded in the leaked data.
There are also hundreds of entries regarding those who have been charged with crimes such as fraud and criminal breach of trust, as well as offences such as drug trafficking, kidnapping and terrorism.
Canberra-based cybersecurity company Internet 2.0 was able to recover 250,000 of the 2.4 million names on the list that was provided to them, which means that this leak is just over 10% of the total database.
Robert Potter, CEO and co-founder of Internet 2.0, told FMT that this sort of information could be used by analysts to assess the “targetability” of individuals’, as well as forming the basis of widespread influence campaigns.
On the question of legality, Potter said even though much of the data was readily available online, its collation raised major ethical issues.
“The terms of service of these platforms allow users to provide data to the firms that operate them. However, it is not always legal to then scrape that data for third party purposes.”
He said even though Chinese privacy law did not outlaw such acts, “it’s highly problematic to claim that Chinese law would apply to a Malaysian citizen giving data to Facebook in a Malaysian jurisdiction”.
Asked if governments should be worried, he warned, “they should be, and they are,” and cited investigations into the matter in India, Australia and the UK.
“The primary policy element that I would think about, aside from influence operations, is that of privacy legislation. Setting norms on this is an important next step for governments.”
Senior minister for security Ismail Sabri Yaakob had previously said the international news reports of the leak required verification before further action could be taken.
Potter said that while his company was continuing to work on restoring the data, he did not think the full system was recoverable.