In this rapidly and massively growing digital era, there are both positive and negative impacts. One of the positive impacts that occurs is the increasing transparency of information and this certainly strengthens the implementation of the 1945 Constitution Article 28F which guarantees receiving or conveying information. Meanwhile, the negative impact that is very felt is about being offended or conveying misleading information or hoaxes that can interfere with the realization of the mandate of the 1945 Constitution Article 28G regarding the protection of personal, family, etc.
In the development of digitalization, the social impact that is formed in society is more inclined towards social evolution where human habits change slowly from internet technology to cellphones. Recently, the term disruption which is often put forward by start-up companies or start-ups can prove that human behavior can change with the application of technology. Tokopedia and Gojek are real evidences that have changed people’s lifestyles. Tokopedia is changing people’s habits in shopping and doing business by transacting from home, as well as opening a business with small capital without having to rent a place. Even Tokopedia is proven to be able to contribute to 1% of Indonesia’s GDP. Gojek changed the habits of the people who previously did not dare because of the bad stigma of basic motorcycle taxis to be brave to ride motorcycles. This disruption phenomenon has proven that this digitalization era has come and Indonesia must be ready to face it.
COVID-19 causes the world to quickly adapt to uncertain situations. With this acceleration it will be very dangerous when digitization is not balanced with education, then the level of abuse of this digitization can be very dangerous. The phenomenon in the midst of the development of social media about “attacks” against other individuals can be anything, both psychological through electronic and physical media that can occur due to misuse of electronic media. Although this problem has been answered by the ITE Law,
However, this implementation that is not accompanied by education has actually become the fruit of a simalakama that “silences” people’s freedom of opinion. In this digitalization era, of course, the role of software developers cannot be ignored, they as practitioners have a very important role in guarding and protecting the rights that must be protected.
In the digitalization process, of course, many parties are needed to be involved in facing this challenge. Currently, all public and private services can be accessed or using the internet. Of course, its application requires careful consideration in the process of storing, collecting, and processing personal data that “must” be entered into the device to be able to use the online public service system. If personal data is not protected or used for negative things, then other people will be able to use public facilities that are not their right to access, so that personal data is no longer “personal” data. So it is necessary to use the mechanisms as a minimum standard of data security.
The General Data Protection Regulation (GDPR) is a law that is owned and initiated by the European Union which is used as a reference by countries that have established data protection. According to the European Union itself, GDPR is one of the most stringent regulations regarding data because of its comprehensive protection. This GDPR “must” be determined by every company that has users of European Union citizens or operates in the European Union without exception. Without exception, this is a debate for other countries, because to be able to implement this GDPR requires a lot of resources, so that some say that the GDPR is not pro to startups.
France is one of the countries taking this GDPR seriously. This is evidenced by the case of CNIL (the GDPR monitoring agency) which fined Google €50 million. This is taken seriously at the level of making the application or software. In this case Google does not explain what the collected data is used for. This positive role is great for safeguarding someone’s personal data from being accessed irresponsibly. Although many say that this does not support MSMEs, this is also considered in terms of state security and sovereignty, which cannot be separated from vital data that can be misused by unscrupulous persons.
Indonesia actually has the same direction as the European Union, namely making a Personal Data Protection Bill which will regulate the management of personal data. However, there is still much unanswered by the PDP Bill, especially regarding digital data. This PDP bill still only covers non-digital data that is converted into digital form. Phone number,
email addresses, locations, and other digital data are still not mentioned in this bill. Even though the GDPR and the California Consumer Privacy Act have included digital data as a definition and things that companies must protect. In addition, the reporting system is still only to the minister, it is necessary to establish an independent commission that indeed functions as the protection of this personal data, which functions to monitor, educate, and has the authority to carry out enforcement actions that violate this.
This digital data case is a case that is still hotly happening, one of which is the case of illegal online loans that “spread terror” against family, relatives, and friends who are on their cellphones. In addition, many also “edit” photos that are used to frighten borrowers, this has the potential to violate the ITE Law Article 28 paragraph 1 which spreads false news against an individual. Not only that, there are those who spread immoral images, which are personal data stored on the cellphone, which can be accessed by the online loan application, which then distributes the image. In this case, of course, the developer of this application violates the Criminal Code Article 282 paragraph 1, as well as Article 4 of the Pornography Law. However, the point of view that needs to be completed is how does the application get contacts, pictures, or other electronic documents? Handling this digital data must involve developers because they are in direct contact with data collection and processing. The PDP Bill has also discussed this matter, but there is still a lot that needs to be complemented by a point of view, especially digital data, not only digital data.
Solving these challenges requires seriousness, and requires a more philosophical approach to what is digital personal data and digital data. In essence, the law is a way to achieve a protection for the community, so the law must have a clear definition compared to mentioning each case one by one, because in this world of technology that continues to develop, terms will also develop. A more definitive approach would be better able to describe what should be protected.
In this case, public officials must immediately change the inefficient mechanisms so that the law can keep up with this rapid technological development. In terms of law enforcement regarding personal data, it is necessary to have an independent commission that has the dedication of time, vision, and mission to be able to uphold the objectivity of a problem. And this independent commission must have educational facilities, both to the community and to the company so that this approach is also comprehensive from users to creators.
The way to enforce it can use verbal (persuasive) control, as did CNIL, which fined Google, which symbolically raises a picture of who is a role model in its implementation. In implementing this, it is not yet time to take violent action that creates a sense of deterrence because this is a very new thing, not only in Indonesia but also in this world. Adaptation and education must be prioritized in the solution. Of course, in this educational process, it is necessary to have a “legal certainty” which also functions as a tool that is equipped with an explanation because it is in the context of education.
Sekolah Pasca Sarjana Universitas Airlangga
[email protected]
