Incidents involving data leakage are increasingly occurring in Indonesia and can be taken as clear evidence of the urgent need for protecting personal data.
For this reason, the ratification of the Bill on Personal Data Protection (PDP Bill) is increasingly becoming important.
Even as the stalemate over the ratification of the bill continues, Indonesian people are increasingly being threatened with the misuse of their personal data.
As per the latest information, a disagreement over the need for an independent supervisory agency for protecting data between Commission I of the House of Representatives (DPR RI) and the Indonesian government is hindering the ratification of the PDP Bill.
As reported by LKBN Antara, according to a member of Commission I of DPR RI, Rizki Aulia Rahman Natakusumah, after discussions with experts, thinkers, social institutions, and the private sector, it was agreed that an independent supervisory agency will be needed to carry out the supervisory function in the near future, as outlined by the PDP Bill.
The existence of such an agency as the manager of people’s data would help ensure equality between the private sector and the public, he said.
However, there is no agreement yet between Commission I of the DPR RI and the government regarding setting up the institution, even regarding its location, which is expected to be outside the ministry, he added. The ratification of the PDP Bill has been hanging fire over the issue, he informed.
In addition, there are also other obstacles delaying the ratification of the PDP Bill, namely data segregation, which has received less attention in discussions on the regulation, he said.
Data segregation pertains to the separation or segregation of personal data that is open and closed for access by third parties, he informed.
It is indeed necessary for data segregation to be regulated because profiling or algorithm systems based on artificial intelligence (AI) that record the search history of Internet users’ personal data or certain applications can be sold by the parties who process and control the data, he explained.
Due to these remaining obstacles, people’s personal data, which is clearly of value and needs to be protected, is facing an ever-greater threat of misuse at the hands of certain parties, he added.
Importance of personal data protection
According to the national coordinator of the Network of Digital Literacy Activists (Japelidi), Novi Kurnia, there are four main points that make it essential for Indonesian citizens’ personal data to be protected.
The first is related to human rights, she said. Personal data protection is part of human rights as the right to privacy is implicitly guaranteed by Article 28G, paragraph (1), of the 1945 Constitution, she added.
Every person has the right to personal protection, family, honor, dignity, and property under their control, and has the right to a sense of security and protection from the threat of fear to do or not do something, which is a human right, she explained.
Still related to human rights, the importance of personal data protection is also emphasized in the Constitutional Court’s decision Number 50/PUU-VI/2008 concerning Cases of Judicial Review of Law Number 11 of 2008 concerning Information and Electronic Transactions, Kurnia pointed out.
In the decision, it is stated that Article 27, paragraph (3), of the ITE Law prohibits acts that intentionally and without rights distribute and/or transmit and/or make accessible electronic information and/or electronic documents that have insults and/or defamation, she noted.
The Constitutional Court decided that the Article is not in conflict with a person’s Constitutional rights and powers, democratic values, and the rule of law.
The second reason why data protection is important is related to consumer protection, she said.
Online transactions have increased the use of personal data, he informed. Therefore, the existence of a firm regulation is needed to protect consumers from experiencing harmful events, she said.
Meanwhile, the third point is related to international relations, she underlined. In international relations, personal data protection becomes essential in the flow of information and trade between countries, she said. Therefore, the protection of personal data is a matter that cannot be ignored, she stressed.
Next, the fourth point is the harmonization of regulations, Kurnia said. Personal data is regulated in several sectoral regulations, such as banking, telecommunications, the ITE Law, Health Law, and Population Administration Law, she noted.
Thus, the Personal Data Protection Bill can be used as a legal umbrella as well as a tool to accommodate the existence of new technologies, she affirmed.
Waiting for the ratification of the PDP Bill
The four points related to human rights, consumer protection, information flow and trade between countries, and harmonization of regulations underscore the importance of protecting citizens’ personal data.
Therefore, the ratification of the PDP Bill is much-anticipated by the public. The primary purpose of this regulation is to protect the rights of citizens regarding their personal data so that it does not get used against their wishes or obligations by the private sector or the government.
Taking into account the urgent need for personal data protection, it is rather appropriate that the concerned parties promptly resolve the stalemate over the ratification of the PDP Bill.
According to a professor at the Law Faculty of Parahyangan Catholic University, Catharina Dewi Wulansari, the PDP Bill is really needed by Indonesians to protect their welfare. She said she also believes that the PDP Bill will be able to create a balance in the management of personal data.
For personal data protection in the midst of the digital era and the increasing threat of cybercrime, it can be said that the greatest hope lies in the ratification of the PDP Bill as soon as possible.
Anang Fadhilah