Malaysia legislation
Section 52
Section 52
(2)
Notwithstanding anything contained in any written law, no person shall dam up or otherwise interfere with any such source of water without first serving on the licensee either personally or by registered post a three months’ notice, in such form as may be prescribed, specifying the work he proposes to undertake.
(3)
At any time before the expiration of the time specified in the notice the licensee may, if he considers that the work referred to in subsection (2) will materially affect his functions, by notice in writing served on the person, either personally or by registered post—
(a)
prohibit the person from proceeding with the work; or
(b)
attach conditions to the undertaking of the work by the person.
(4)
Any person dissatisfied with the action taken by the licensee under subsection (3) may appeal to the State Authority whose decision shall be final.
Electricity Supply 79
(5)
Any person who—
(a)
dams up or otherwise interferes with any source of water declared under subsection (1) without serving the notice required by subsection (2);
(b)
undertakes any work prohibited under this section; or
(c)
fails to comply with any conditions imposed under this section, commits an offence and shall, on conviction, be liable to a fine not exceeding one thousand ringgit, and a further fine not exceeding one hundred ringgit for every day or part of a day during which the offence continues after conviction.
(6)
Notwithstanding any declaration made under subsection (1), nothing in this section shall affect any licence granted not less than twenty-five years before the date of the declaration under any written law to divert water from any lake, river or waterway, for the purpose of a public installation, the holder of which has not, in the opinion of the State Authority, made reasonable use, for the purposes of the installation, of the rights arising out of the licence in connection with any lake, river, waterway or part thereof declared to be a source of water.
Supply infrastructure information security 52a. (1) Any licensee as directed by the Commission providing supply of electricity to consumers shall be responsible for the preservation of confidentiality, integrity and availability of its information, information systems and supporting network infrastructure pertaining to its duties and other matters as provided under this Act.
(2)
The licensee shall—
(a)
take the necessary measures, establish and implement standards and employ the relevant information security controls to prevent, avoid, remedy, recover or restore
Act 447
its information, document, instrument or records stored in its computers and for its operational system by its computers from any risk of—
(i)
threat or unauthorized access; and
(ii)
intrusion or removal;
(b)
take necessary measures to ensure the resiliency of its supporting network infrastructure to minimize business impact against various threats to its activities under the licence; and
(c)
ensure that the reliability, continuity and quality of electricity supply, its performance of duties and conformity to the provisions of this Act and any regulations made thereunder shall not be jeopardized thereby, and shall report to the Commission within the time specified by the Commission, and in the event of any incident which interferes or affects the performance of the activities under the licence, report such incident immediately to the Commission and other relevant authorities.
(3)
Any licensee who fails, neglects to comply with or contravenes any provision of this section commits an offence and shall, on conviction, be liable to a fine not exceeding three hundred thousand ringgit or to imprisonment for a term not exceeding three years or to both.
(4)
For the purposes of this section—
“supporting network infrastructure” refers to relevant connection, network devices, hardware and software that provides network services in supporting business functions;
“information security controls” refers to means of managing risk, including policies, procedures, guidelines, practices or organizational structures, which can be administrative, technical, management or legal in nature;
“resiliency” means an ability of an organization to resist being affected by an incident.
Electricity Supply 81
Obligation to give information 52b. (1) The Commission may authorize any of its officer to obtain any information pertaining to the licensee or any other person under this Act and shall be given access to such information whether stored in a computer or otherwise.
(2)
Any officer authorized by the Commission under subsection (1), shall have the power to require the production of records, accounts, data, computerized data and documents kept by a licensee or any other person and to inspect, examine and to download from them, make copies of them or take extracts from them.
(3)
For the purposes of this section, “access” includes being provided with the necessary password, encryption code, decryption code, software or hardware and any other means required to enable comprehension of computerized data.
(4)
Any person who refuses to give any information which may reasonably be required of him under subsection (1) and which he has in his knowledge or power to give commits an offence and shall, on conviction, be liable to a fine not exceeding one hundred thousand ringgit or to imprisonment for a term not exceeding two years or to both.