The existence of the Personal Data Protection (PDP) Law is not only needed to encourage institutions to strengthen the security of people’s data.
By
RINI KUSTIASIH/NIKOLAUS HARBOWO/DIAN DEWI PURNAMASARI
·5 minutes read
JAKARTA, KOMPAS — The passing of the bill on personal data protection into law is a necessity in the midst of rampant data leakage and vulnerability of information systems in private or government institutions. However, the deliberation of the bill is facing a stalemate if there is no immediate agreement between the government and the House of Representatives regarding a number of crucial aspects.
The existence of the Personal Data Protection (PDP) Law is not only needed to encourage institutions to strengthen the security of people’s data. It is also needed so that in the midst of cross-country data exchange there are rules that are compatible with other countries. Based on data from the United Nations Conference on Trade and Development as of April 2020, 128 of 194 countries already have PDP legislation.
Deputy Chairman of House Commission I, Abdul Kharis Almasyhari, when contacted on Monday (22/3/2021) from Jakarta, said he fully understood the urgency of discussing the PDP bill quickly. However, the fact that the 2021 Priority National Legislation Program (Prolegnas) has not yet been passed makes the commission and the government unable to schedule a deliberation meeting again. He guaranteed that the discussion of the bill would be continued or extended. The House Working Committee (Panja) in charge of the PDP bill had its last meeting on 20 January 2021.
The PDP bill has been discussed in two sitting sessions since the Panja in charge of it held its first meeting on 1 September 2020. When this current sitting session opened after the recess on 8 March 2021, the 2021 Priority Prolegnas also had not been ratified in the House plenary session. In fact, on 10 April the House will go on another recess.
Difference of views
The discussion of the PDP bill also faced differences in views between the government and the House on a number of crucial issues. One thing that stands out is the position of the data management supervisory agency.
Kharis said that all factions in the House wanted an independent monitoring agency. However, the government does not regulate the existence of this independent supervisory agency. The existence of the independent supervisory agency refers to the stipulations in the General Data Protection Regulation that apply in the European Union.
"In the last discussion, the government wanted the supervisory agency to be under the Communication and Information Ministry [Kominfo]. That is what makes the difference,” said Kharis.
Member of House Commission I, Sukamta, said the existence of this supervisory agency was also a determinant factor of whether the PDP Law in Indonesia was equal to that of other countries. The comparability of the PDP Law is the main requirement in international data transfer and the enforcement of the extraterritorial principles of the PDP Law.
In the last discussion, the government wanted the supervisory agency to be under the Communication and Information Ministry
Regarding the supervisory agency, Communications and Information Minister Johnny G. Plate said the data management supervisory agency should be run by the government\'s National Data Center. The data center is under the Communications and Information Ministry and is led by officials at the Pratama level (Echelon II). In many countries, he said, the agency that monitors data management is also run by the same institution.
According to Johnny, the government is serious about the PDP bill. The government believes the movement of personal data must be protected through the consent of data owners.
"The government is serious. That is why the academic paper and the draft PDP bill have been submitted to the House. Regarding the substance, article by article [whether it is approved or not], it will await the dynamics in the House. The government agrees that Indonesia must immediately have regulations that will protect personal data," he said.
Member of House Commission I from the Golkar faction, Christina Aryani, said the differences between the government and the House must be abridged. The issue regarding oversight institutions and data aggregation will trigger the deadlock.
"These two crucial issues can trigger a deadlock if there is no agreement between the working committee (Panja) of the government and the House. We encourage a common ground. It can be achieved through meetings outside the Panja. The goal is for this bill to be completed quickly," he said.
These two crucial issues can trigger a deadlock if there is no agreement between the working committee (Panja) of the government and the House.
He urged the discussion of the PDP bill to be completed this year, given the importance of the bill. Several points in the bill are seen as breakthroughs in protecting citizens\' personal data. The important points include the need for data approval in data management, detailed arrangements regarding data transfer between data managers and third parties as well as the presence of special officials who regulate data protection by data managers (data protection officer, DPO).
Previously, the head of the National Cyber and Crypto Agency, Lt. Gen. (ret.) Hinsa Siburian, emphasized the importance of the PDP bill. The bill is also related to the digital economy, in which personal data is freely exchanged so that Indonesia needs regulations that, when juxtaposed with other countries, are compatible and protect the people’s personal data from the world\'s economic giants.