Digital Economy and Personal Data Protection

The Central Bureau of Statistics released e-commerce 2020 statistical data with quite interesting facts. People are increasingly fond of buying goods online online, but most of the payments are made cash on delivery (COD) or direct cash payment.

One of the contributing factors, according to researcher at the Center for Indonesian Policy Studies, Thomas Dewaranu, is a matter of trust. The public is not yet fully convinced of the storage or transactions of digital money.

“In rural areas, people no convenient to use for example e-wallet or even fintech. Even at official fintechs, they are still not comfortable using it because they don’t believe it. If you open the news, every day about the fraudulent loan or hear on the radio, someone is being charged with being chased by a loan. So they are afraid to use it,” said Thomas.

Peneliti Center for Indonesian Policy Studies, Thomas Dewaranu (Mouab)

Peneliti Center for Indonesian Policy Studies, Thomas Dewaranu (Mouab)

He explained this in the discussion of the Personal Data Protection Bill (PDP) and the Indonesian Digital Economy. This discussion was held by the Center for Digital Society (CfDS) Universitas Gadjah Mada, Yogyakarta, Thursday (21/10) night.

In terms of the digital economy, according to Thomas, trust is closely related to security guarantees. That is why, he said, it is important for Indonesia to immediately have a legal basis for protecting personal data. Unfortunately, Indonesia is relatively slow to discuss this issue. According to government records, the PDP Bill has been discussed since 2012, and entered the DPR around 2014 but has not yet been ratified this year.

In fact, said Thomas, the law is important to set limits. For example, for the business world, there is certainty to what extent data is collected, processed and what things are needed for data collection. Meanwhile, regarding the community whose data is collected, security issues are important, so clear rules will increase trust.

“If there is clear protection, framework clear regulations and policies, regarding the processing of personal data, it can increase people’s sense of security and encourage them to use platform digitally as needed wisely,” added Thomas.

Statistics e-commerce 2020 BPS said, of the 17,000 businesses or companies recorded, 73 percent of transactions were carried out through COD. Gorontalo, North Kalimantan, Bengkulu, Bangka-Belitung Islands and West Papua are the five provinces with the highest COD selection. The second method is bank transfer, which is done in about 21 percent of transactions. Only less than 5 percent of transactions are made through digital wallets or e-wallet.

Banking Prepare

Director of Basel and International Banking, Financial Services Authority (OJK), Tony, admitted that the digitalization of the banking sector cannot be avoided. This is mainly because people demand easier banking transactions. However, the potential for digital data leakage is of particular concern.

Director of Basel and International Banking, Financial Services Authority (OJK), Tony.  (Mouab)

Director of Basel and International Banking, Financial Services Authority (OJK), Tony. (Mouab)

Although the PDP Bill has not yet been passed, the banking sector already has a Banking Law that regulates the confidentiality of customer data. One of them, stipulates that the financial services sector cannot immediately share customer data with other parties, without the consent of its customers. However, said Tony, in the case of financial digitization, sometimes the problem is caused by the customer’s inaccuracy.

“Often the customers themselves are lacking aware to the risk of their data. What often becomes our problem, it turns out that it is the customers who give consent to share their data. In the case of a loan online legal, for example, customers give consent to access their data and disseminate their data, if needed,” said Tony.

Another problem that must be resolved in this regard, apart from digital literacy for the community, is cyber attacks. Tony does not deny that attempts to steal banking sector data often occur, and that is why OJK emphasizes the need for cybersecurity in this sector.

“In the near future, OJK will issue consultative paper regarding cyber security in the banking sector. We will launch OJK policies related to banking digital transformation,” Tony continued.

Jammed in DPR

Member of Commission I DPR RI, Muhammad Farhan admitted that the PDP Bill had been discussed for a long time, even since the previous legislator’s period. At this time, the DPR should have been able to complete it, but the reality speaks differently.

“During nearly seven years of discussion, we did face many problems. Because in general, we still have various kinds of differences in understanding, about what personal data is, and what is personal data protection,” said the legislator who is also a former radio broadcaster.

Member of Commission I DPR RI, Muhammad Farhan. (Mouab)

Member of Commission I DPR RI, Muhammad Farhan. (Mouab)

Farhan gave an example, a number of events that occur every day, to illustrate the differences of opinion in the DPR. For example, when someone enters a shopping center, and suddenly he receives a message from a cellular operator, containing a promotion for one of the outlets there. Or a certain number that can send a loan collection message, not to the borrower but instead to his friends, as is often done by loan managers online at the moment.

“Does that include an attempt to breach personal data protection?” Farhan said.

More complex, Farhan continued, is the operation of a number of data collection companies on the internet. The data is then compiled as behavioral patterns that can be sold for a particular campaign or promotion program. This complex scheme also needs to be discussed in the bill.

Another problem, apart from electronic data, is the public’s physical data. It is common practice, residents who take care of administration in the kelurahan or sub-district, must submit a photocopy of their ID card, family card or other letter. The DPR and the government need to decide whether, then, the photocopy of the identity document includes data that must be protected or not.

“If it needs to be protected, then we must sue whoever controls the data. Why did the paper end up in the fryer to become fried wrappers?” Farhan said with a laugh.

Online shopping, pay COD (Cash on delivery).  (Photo: illustration).

Online shopping, pay COD (Cash on delivery). (Photo: illustration).

All the debates regarding such matters that have occurred over the years illustrate the complexity of the problem. There is also no certainty that by the end of this year the PDP Bill will be completed, because the DPR only has 25 working days in November to discuss it.

“This includes the debate about the establishment of a personal data protection authority, which seems to have started to condense now to agree to be under the Ministry of Communication and Information. Then later on, a supervisory board for the protection of personal data will be formed which involves various kinds stakeholders” said Farhan regarding the problems that still need to be resolved in the future.

Need Global Compatibility

As a regulatory product, the PDP Bill cannot be separated from the rules that apply in other countries or certain regions. One of the factors is that some activities, such as the digital economy, do not have national boundaries.

The note was conveyed by Noudhy Valdryno, Public Policy Manager, Facebook Indonesia and Timor Leste, in the same discussion.

Noudhy Valdryno, Public Policy Manager, Facebook Indonesia and Timor Leste.  (Mouab)

Noudhy Valdryno, Public Policy Manager, Facebook Indonesia and Timor Leste. (Mouab)

“How do we make the PDP produced in Indonesia, later on, the standards can be recognized by the international community. Are you in or not overimplement, there is not any overcollection, there is not any over sanction. Keep open the space for innovation but can also facilitate cross border e-commerce,” kata Noudhy.

Noudhy reminded that Indonesia had signed the ASEAN Agreement, and automatically became a member of the ASEAN ecosystem. For this reason, it is necessary to standardize the exchange of data or information, for example between companies operating in different countries.

Therefore, despite the tremendous impact of the digital economy, the basic question still needs answers, and it seems that it has not been considered.

“How can our PDP be integrated with other regulations that will also facilitate ASEAN? Economic Agreement. And don’t forget, in ASEAN there is also ASEAN Privacy Framework, which we have also signed, “he added.

Therefore, when it is passed later, the PDP Law must be in line with similar laws from other countries. [ns/ab]

Check Also

China’s Military Power Is Expected To Overtake The US And Russia In The Near Future

A US military general warned that it was only a matter of time before China’s …

Leave a Reply

Your email address will not be published.