Malaysia has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

Malaysia has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

Malaysia has adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

The Consumer Protection Act and the Consumer Protection (Electronic Trade Transactions) Regulations provide a comprehensive framework for consumer protection that also applies to online transactions. The consumer protection law imposes regulations on both online marketplace operators and any person who operates a business for the purpose of supplying goods or services through a website or in an online marketplace (suppliers). In addition, the consumer protection law for electronic trade applies to websites where goods and services are marketed by third parties for purposes of trade "online marketplaces". Although it has not been reported as a barrier to e-commerce, there are claims regarding the lack of coverage on particular e-commerce issues necessary for e-consumer protection. In addition,

It is reported that the registrant of a ".my" domain must have a valid proof of residence in Malaysia. Proof of residence may be an employment pass, or student pass, or permanent residence endorsement, or social visit pass supported by proof of marriage to a Malaysian citizen.

It is reported that the de minimis threshold, that is the minimum value of goods below which customs do not charge duties, is USD 120, below the 200 USD threshold recommended by the International Chamber of Commerce (ICC).

SIRIM QAS International is the sole certifying agency appointed by Malaysia authority. Type Approval is a mandatory requirement for a communications product before it is allowed to be sold in Malaysia. Among the products that need to be certified there are: netbook, tablet PC, mobile phone, security devices, smart TV, WiFi/3G/Bluetooth module and broadcasting equipment. Foreign applicants shall appoint a local management representative in Malaysia to be responsible for Type Approval application. As a member of the Asia Pacific Economic Cooperation Mutual Recognition Arrangement (APEC-MRA), Malaysia accepts product approvals from APEC members.

According to the Certification Requirements for Compliance Approval on Communication, Multimedia, and Hybrid Equipment, import licenses are required for hybrid ICT products. These include those devices with multiple features including toys, medical devices, and computer products.

According to the Malaysian Communications and Multimedia Commission (MCMC) guidelines, there is a licence requirement for Content Applications Service Provider (CASP) and Applications Service Provider (ASP). In assessing the shareholding structure of an applicant, the MCMC takes into account the need to encourage more local small and medium size industries of Malaysian origin in the local information and communications technology industry.

A basic legal framework on intermediary liability beyond copyright infringement is absent in Malaysia's law and jurisprudence.

It is reported that Malaysia imposes an identity requirement for SIM registration. Anyone wanting to purchase a SIM card has to provide their national ID card, or a passport in case of foreigners, to activate a new prepaid SIM card.

Section 116B of the Criminal Procedure Code provides that a police officer conducting a search under the Code must be given access to computerised data whether stored in a computer or otherwise. For the purpose of this section, 'access' includes being provided with the necessary password, encryption code, decryption code, software, or hardware and any other means required to enable comprehension of the computerised data. It is not clear whether a court order is needed to access the information.

The amendment of the Copyright Act of 2012 (Act 1420) establishes a safe harbour regime for intermediaries for copyright infringements. According to Art. 43F of the law, Internet Services Providers (ISPs) and content aggregators are provided immunity from liability for copyright infringement if they protect copyright owners by removing or disabling access to the infringing content.

Under Section 6(3) of the Security Offenses (Special Measures) Act 2012, a police officer with the rank of superintendent of police or above may intercept communications without the authorization of the public prosecutor in urgent cases.