MCMC ordered to ‘preserve’ contractor’s IT equipment pending trial

MCMC ordered to ‘preserve’ contractor’s IT equipment pending trial

The High Court says Nuemera (M) Sdn Bhd’s equipment stored on MCMC’s premises must be locked up, monitored, and supplied with electricity.

mcmc-skmm-mcmc
Technology service provider Nuemera (M) Sdn Bhd is suing MCMC and six individuals for misfeasance in public office and wrongful interference in trade or business, allegations which the defendants deny. (MCMC pic)
PETALING JAYA:
A Kuala Lumpur High Court has ordered the Malaysian Communications and Multimedia Commission (MCMC) to preserve and electrify a service provider’s IT infrastructure housed at its data centre pending trial late next year of a multimillion-ringgit lawsuit.

In the suit, Nuemera (M) Sdn Bhd accuses MCMC and six of its current and former senior officers of misfeasance in public office and wrongful interference in trade or business, allegations the defendants deny.

On April 18, judicial commissioner Ros Mawar Rozain ordered MCMC to “retain custody” and “preserve” the equipment pending trial, scheduled to begin on Oct 6 next year.

The court also ordered that the equipment remain continuously operational, be placed in a locked cage under CCTV surveillance, and that its recordings be retrievable.

It also directed that the key to the cage be held by Nuemera’s solicitors, Messrs Zaid Ibrahim Suflan TH Liew & Partners.

In subsequent proceedings held on June 5, Ros Mawar clarified that MCMC was not permitted to turn off the supply of electricity to the equipment, despite contentions by the regulator’s counsel, Saritha Devi Kirupalani and Nur Ainabilla Rosdi, of Messrs Firoz Julian, that the shutdown was necessary to avoid it becoming a fire hazard.

Nuemera, represented at the hearing by Liew Teck Huat, Rueben Mathiavaranam, Ong Kang Nyong and Kathleen Samantha George, had contended that an abrupt shutdown would compromise the integrity of the equipment and corrupt its data, which it said would interfere with expert forensic analyses it intends to adduce at trial.

FMT understands that MCMC has since resumed electricity supply to the equipment.

The matter has been fixed for further case management before Ros Mawar on Oct 1, with parties directed to complete and submit expert forensic reports on the status and integrity of Nuemera’s IT infrastructure by that date.

MCMC falsely implicated us in 2014 data leak, says Nuemera

Nuemera’s suit, filed last year, names former MCMC chairman Halim Shafie, current and former chief operating officers Ali Hanafiah Yunus, Mazlan Ismail, and Zulkarnain Yasin, network investigation department head Hairul Anuar Mat Nor, and chief legal officer Noor Syahira Surya Noordin as co-defendants.

In its statement of claim, sighted by FMT, Nuemera alleged that the defendants had engaged in improper and malicious conduct calculated to end its appointment by MCMC under a public cellular blocking service (PCBS) agreement and to cause it to suffer substantial loss and damage.

The PCBS is a service which prevents mobile phones reported lost or stolen from accessing mobile networks in Malaysia.

Nuemera alleged that during the term of the agreement, MCMC had “falsely” and “recklessly” accused the company of being responsible for a 2013 data leak involving 46 million mobile phone numbers.

The company said MCMC and its co-defendants used the data leak as a “tactical advantage” to terminate its services.

Nuemera said MCMC suspended the agreement in January 2018, lodged a “false” police report implicating the company in the data leak and later wrongfully terminated its services despite the police exonerating the company and its staff from responsibility.

Claiming to be owed almost RM82 million by mid-2016, Nuemera alleged that MCMC substantially lowered service fees and deliberately delayed payments, leaving the company “cash-strapped” and forcing it to accept unfavourable settlement terms.

Nuemera said that it had designed the system for MCMC following a ministerial direction issued in 2007 by then minister Dr Lim Keng Yaik.

Lim had directed MCMC to appoint Nuemera on an exclusive basis to design the PCBS based on a UK system but customised for use in Malaysia with additional value-added and support services.

MCMC entered into the PCBS agreement with Nuemera in May 2013, appointing the company as service provider for the system on a five-year renewable term.

Premised on the agreement, Nuemera set up the IT infrastructure comprising an array of equipment to operate and manage the PCBS system.

The equipment was relocated to MCMC’s data centre in October 2016.

Termination justified, MCMC says

In its defence, filed in February this year, MCMC denied Nuemera’s allegation that the contract had been wrongfully terminated.

“The PCBS agreement was not renewed post Dec 31, 2018 as Clause 4.2(b) of the agreement was not fulfilled by the plaintiff (Nuemera),” the filing said.

MCMC said any extension of the agreement was subject to Nuemera’s “continuing compliance” with all its contractual obligations and its “overall performance” of the agreed scope of work.

The regulator also claims the agreement allowed it to suspend and take possession of the PCBS solution in the event of a “public emergency” or if doing so is in the “public interest”.

Denying allegations of improper economic pressure, MCMC said the arrangement agreed upon saw Nuemera paid RM99.4 million for invoiced charges between July 2015 and Dec 2016.

“(Nuemera’s) dissatisfaction reeks of mala fides and (is) an afterthought, as (it) had voluntarily executed the (settlement) term sheet and benefited from the payment,” the defence statement said.

MCMC also insisted that its suspension of the PCBS agreement was justified.

“The data breach is not fictitious. Circa Oct 19, 2017, (MCMC) discovered that the raw subscribers’ data in a composite format was leaked on the dark web,” it said.

According to the MCMC, 40 million subscribers from 12 telcos in the country were compromised in the leak.

Nuemera was the sole custodian of the data, it said, adding that MCMC was restricted to “read-only” access.

MCMC also claimed that police investigations exonerating Nuemera of involvement in the data breach were “not conclusive” and did not absolve the company from liability.

“Only (Nuemera) had access to the composite subscribers’ data for the whole of Malaysia,” it said, adding that MCMC had the right to withhold payment “until there was a conclusion on the very serious issue of the data breach”.

In its counterclaim, MCMC seeks repayment of sums “wrongly paid” to Nuemera both prior to and following the company’s suspension together with interest on those sums.

In its reply, Nuemera alleged that the data breach originated from within MCMC.

It said one of the regulator’s officers had access to the equipment, and was in a position to perpetrate the data breach.

The company also denied any liability under the counterclaim.

Stay current - Follow FMT on WhatsApp, Google news and Telegram

Subscribe to our newsletter and get news delivered to your mailbox.