ICT Ministry commemorates International Data Privacy Day by holding discussion to raise data privacy policy awareness
To celebrate International Data Privacy Day which falls every 28 January, the Ministry of Communication and Informatics along with VIDA Digital Identity and Indonesia Cyber Security Forum (ICST) held an online media clinic about the implementation of data privacy protection policy in Indonesia.
In the discussion, the panellists particularly discussed the Personal Data Protection Bill (RUU Perlindungan Data Pribadi) that is currently undergoing public evaluation. However, according to a survey by the ministry and Katadata Insight Centre, more than 60% of the public still doesn’t know about the existence of the PDP Bill.
The survey also found that only 31.8% of companies know about it. Therefore, the ministry, VIDA and ICSF made efforts to improve the awareness and understanding of the public and digital industry players about the bill.
“The PDP Bill is currently in the finalisation stage between the government and the House of Representatives. It is expected to improve the governance of the electronic system in Indonesia. Simultaneously, various policy instruments in the PDP Bill are formulated to be effective in reducing cybersecurity issues and personal data leak,” said Acting Director of Informatics Application Control at the ICT Ministry Teguh Afriyadi.
The PDP Bill will regulate more detailed policies, adding the definition of data and personal data rights. It also includes the reaffirmation of the obligations and responsibilities of data controllers and data processors, the formation of Data Protection Officer (DPO) officials, as well as the imposition of administrative sanctions and criminal sanctions.
In the PDP Bill, the ministry includes a policy instrument that penalises those who violate the principles written in the bill in a form of fine. Teguh sees this as an ideal policy instrument to control data privacy in Indonesia.
VIDA added that although compliance with both domestic regulations and global personal data protection best practises may reduce the risk of personal data abuse, it believes in the principle of beyond compliance. “This means that in terms of protecting personal data, we will go the extra mile,” said VIDA co-founder and CEO Sati Rasuanto.
In doing so, VIDA offers identity verification solutions that use world-class technology and global security standards, while conducting comprehensive public education so that the public could understand the rights to privacy in this digital era and protect their personal data.
ICSF chairman and founder also added that he sees PDP Bill as one of the answers from a policy perspective to prevent various cases of data leak that occur in all institutions from government institutions, state-owned enterprises as well as the private sector.
For some context, Kominfo reports that in 2021 alone they handled 43 cases of data leak. Some of the major cases of data breach in Indonesia are as follows:
Tokopedia data breach back in 2020 which exposed the data of its more than 15 million user
Data leaks involving Indonesia’s COVID-19 tracking app PeduliLindungi
The recent alleged data leak of Bank Indonesia (BI) by a hacker group called Conti Ransomware Gang
The recent medical data breach, 720GB of medical records and information of patients in Indonesia were sold on the dark web.