Malaysia’s travel reopening cheer tainted by controversy over Covid-19 contact-tracing app

• Critics say controversy surrounding MySejahtera app, Malaysia’s answer to LeaveHomeSafe, symbolises country’s poor government accountability the last two years
• Health Minister Khairy Jamaluddin insisted there is nothing untoward in the entire saga and citizens personal data is secure

A multilayered ownership controversy over Malaysia‘s Covid-19 tracking application marred what would have been a week to remember for Prime Minister Ismail Sabri Yaakob‘s government as the country allows quarantine-free travel to all vaccinated travellers.

After a trying two years of the health crisis, the reopening has been highly anticipated by citizens and officials alike, with Health Minister Khairy Jamaluddin taking to social media to welcome foreign arrivals.

At home, however, the government’s critics and some observers said the travel milestone did not mean they would mute their repeated calls for accountability on some of the government’s questionable decisions the last two years.

Do you have questions about the biggest topics and trends from around the world? Get the answers with SCMP Knowledge, our new platform of curated content with explainers, FAQs, analyses and infographics brought to you by our award-winning team.

© Provided by South China Morning Post
Vehicles form a long queue to enter the Woodlands Checkpoint in Singapore early on Friday, before crossing the causeway to Malaysia’s southern Johor state, as both countries reopen its borders to fully vaccinated travellers. Photo: AFP

The current controversy surrounding the MySejahtera app – similar to Singapore’s TraceTogether and Hong Kong’s LeaveHomeSafe – pertains to recent reports by the health news portal CodeBlue that revealed the Malaysian app was in fact not government owned as many were led to believe.

Instead, its proprietor was a Singapore-based company.

Veteran Malaysian political analyst Bridget Welsh said the controversy over the app – spanning procurement, ownership, data privacy and protection, as well as transparency and inadequate oversight, would only serve to add to latent public concerns about the platform.

“It has clearly been botched, the usage figures speak for themselves,” she said, referring to reports MySejahtera check-ins and identified casual contacts fell 26 per cent between March 25 and 29, when the issue became public.

© Provided by South China Morning Post
Passengers scan the MySejahtera app, used to monitor the Covid-19 coronavirus status, before boarding a catamaran yacht in Langkawi, Malaysia. Photo: AFP

Testimony by a government official before a bipartisan public accounts committee revealed there had not been a proper contract agreement between the government and the firm as the app was developed under the backing of the National Security Council rather than the government and the bureaucracy.

“All this time, when the development of the system was being administered by the National Cyber Security Agency (NACSA) or the National Security Council (NSC), there was no proper contract with the company. So, there is no contract,” the finance ministry’s government procurement division deputy secretary Rosni Mohd Yusof told the committee on March 8. The app currently has some 38 million registered users.

The immediate question for many online users was the security of personal data.

Cheers, fireworks as thousands cross Singapore-Malaysia land border

On social media, some lamented what they said was a Byzantine ownership structure for a platform that in many other places, including neighbouring Singapore and Hong Kong, is owned and administered by the government.

MySejahtera’s owner is Entomo Malaysia Sdn Bhd, a wholly-owned subsidiary of Singapore’s Entomo Pte Ltd.

The Singapore company has a Malaysian among its four directors. The three others comprise of two Singaporeans and an Indian national.

It was formerly known as KPISoft.

Adding to the complexity of the app’s status is a reported move for Entomo Malaysia – which claims to be the “owner of all rights, title and interest including all intellectual property rights” to another entity called MySJ.

Excitement, eye-rolling in Malaysia and Singapore as land border fully reopens

This transfer will see Entomo Malaysia be paid 338.6 million ringgit (US$80.2 million) for MySejahtera’s intellectual property and software license, according to court documents pertaining to the transaction.

The National Security Council in July 2020 issued a statement vouching for KPISoft as the obvious choice to steward MySejahtera as it had a track record of operating in more than 15 countries with some of its applications used by Fortune 500 companies

The current controversy struck a particular raw nerve for a well-known Twitter personality, Chairman GLC, who was arrested in June 2021 for publicly questioning if government funding for MySejahtera had in fact been directed to the app.

© Provided by South China Morning Post
A passenger plane is welcomed by water cannon salute at the Kuala Lumpur International Airport. Malaysia opened its borders to international travel on Friday, ending restrictions that have been in place since the COVID-19 pandemic began in 2020. Photo: Xinhua

“I am angry because I was detained for a day last year, with my phone, modem and router confiscated for months for questioning things that have been proven to be correct in the news today,” he tweeted on Wednesday.

Similarly, Azrul Mohd Khalib, chief executive officer of the Galen Centre for Health & Social Policy, was questioned by police last July for a tweet in which he called out alleged police abuse for using MySejahtera data to track residents at a locale under “enhanced lockdown”.

“Me too, summoned to Bukit Aman [Police National Headquarters]. I still have not received my phone back,” he wrote in response to Chairman GLC’s tweet.

Khairy, a member of the Prime Minister’s powerful United Malays National Organisation (Umno), has sought to clarify the situation – though his repeated attempts at outlining details on the issue elicited further commentary about MySejahtera’s murky ownership structure.

Will sustainable travel flourish in Malaysia post-pandemic?

Appearing before the country’s upper house of parliament, the Dewan Negara, on Wednesday, the minister said Entomo – the current owner of the app – had chosen to be “based in Singapore as, like other Malaysian tech companies, they find it easier to get investors in Singapore,” he said, citing the example of the Southeast Asian super-app firm Grab.

He said most ownership shares in Entomo were held by Malaysians and that its servers were located in Kuala Lumpur – with access granted only to health ministry officials.

“All data and information obtained through MySejahtera is the property of the government, and its security and confidentiality are guaranteed,” Khairy said.

Earlier, he said even though there is no contract agreement between the government and Entomo, there was a non-disclosure agreement (NDA) in place that ensured the rights of users were protected.

How the world is getting tough on unvaccinated people

Critics however were not swayed, with lawyer and legal activist Lim Wei Jiet pointing out that NDAs usually do not provide for such protection.

“But it depends on the terms. We should see if it explicitly states that the government owns the data,” he said while noting the lack of a detailed agreement was a “major red flag”.

With the Malaysian Medical Association this week claiming the all-encompassing program had “outlived its usefulness as a contact tracing app”, Khairy also echoed the sentiment, hinting the need for checking in with the app to enter premises “can be dropped” if there are no significant fluctuations in infection patterns following the reopening of Malaysia’s international borders.

Analyst Welsh however said the entire saga merited an independent review. While the discontinuation of MySejahtera’s usage would “reduce pressure, it does not answer questions,” she said.

More Articles from SCMP

China vows to bolster energy security as Ukraine war stokes ‘period of turbulence’

How this former rising star of the China tech scene now finds itself close to collapse

Will China’s hopes of a Modi visit hit a BRICS wall?

Man Ho: restaurant review

This article originally appeared on the South China Morning Post (www.scmp.com), the leading news media reporting on China and Asia.

Copyright (c) 2022. South China Morning Post Publishers Ltd. All rights reserved.