UNAIR NEWS- The leak of President Joko Widodo’s personal data raises a big question regarding the security of personal data stored on electronic systems in Indonesia. This kind of data leak is not the first time. Inevitably, the government’s data often becomes the target.
Based on the National Cybersecurity Operations Center record belonging to the National Cyber and Crypto Agency (BSSN), there were 741,441,648 cyber attacks from January to July 2021. The most common attacks were ransomware or malware attacks that demand ransom, or the data held will be leaked.
According to Prof. Dr. Henri Subiakto, Drs., SH, M. Si, lecturer in Communication Science Faculty of Social and Political Sciences (FISIP) Universitas Airlangga, Indonesia lacks cyber security talent compared to the development of digital technology, so there is a gap. Cases of personal data breaches, especially in digital forms that often occur, include misuse and the act of personal data trade, and fraud by using other people’s personal data.
Prof. Henri said that it was caused by cyber attacks, outsourcing of data to third parties, system failures, human error, and even the intention of certain individuals. According to him, in maintaining the digital security of society, the government must take a role. Until now, the law regarding the protection of personal data is still formulated
“The Personal Data Protection Bill is a legal instrument designed to protect citizen’s personal data from the misuse of personal data,” explained Prof. Henry.
One of the urgencies of protecting personal data, according to the Expert Staff of the Ministry of Communication and Information Technology, is the human right as mandated by the 1945 Constitution in Article 28G paragraph (1) which reads, “Every person shall have the right to protection of his/herself, family, honor, dignity, and property, and shall have the right to feel secure against and receive protection from the threat of fear to do or not do something that is a human right.”
In summary, there are five urgencies of the PDP Bill which were presented by Prof. Subiakto, namely as follows
- 1. The need for a comprehensive personal data protection regulation
Prof. Henri stated that this PDP Bill would answer the need for a comprehensive regulation to protect personal data as part of human rights.
2. Governance
The PDP Bill will create a balance in the governance of personal data processing and guarantee the protection of rights and awareness of data subjects. He continued, “As well as providing legal principles and conditions in the processing of personal data that personal data controllers and processors must comply with.
3. Legal certainty
The PDP Bill promises legal certainty regarding the prevention and handling of cases of personal data breaches. “The PDP Bill will become a key legal instrument in the prevention and handling of cases of personal data breaches that still occur and become a common challenge,” said Prof. Henri.
4. Digital economy ecosystem
With the PDP Bill, data from consumers will be guaranteed so that the ecosystem runs well. “The PDP Bill also improves a safe investment climate by providing legal certainty for business and increasing consumer confidence,” explained the FISIP professor.
5. Cross-border data exchange
“The PDP Bill will create equality in international PDP rules that support digital economic growth through cross-border data flow arrangements,” said Prof. Henri.
He also emphasized that the Personal Data Protection Bill is a necessary and urgent legal instrument in Indonesia. Compared to other Southeast Asian countries such as Malaysia, Singapore, the Philippines, and Thailand, which already had personal data protection rules. (*)
Author: Tata Ferliana
Editor: Binti Q. Masruroh (AC/AP)
