Implementation of Personal Data Protection in Indonesia



The widespread use of digital platforms and the digitization of MSMEs is directly proportional to the increase in community interaction in the digital world, so that a conducive and safe digital ecosystem is increasingly needed. This is also the reason digital identity protection is very important.


The draft of the Personal Data Protection Law (RUU PDP) which has passed the public examination is expected to become a comprehensive policy instrument to improve the protection of personal data in Indonesia.


Quoted from katadata.com, according to a cybersecurity expert from the non-profit research institute CISSReC Pratama Persadha, the PDP Bill needs to be ratified immediately to encourage the industrial sector, government and society in general to adopt technology, including strengthening human resources (HR) to create a secure cyber ecosystem.


Government Calls for Improved Personal Data Protection


In several countries, issues related to privacy and regulations regarding privacy have begun to arise as a result of the move towards a more digital society. Currently, Government Regulation no. 71 of 2019 concerning the Implementation of Electronic Systems and Transactions (PP 71/2019) stipulates the obligation of Electronic System Operators (PSrE) to notify the owner of personal data in the event of a failure to protect the personal data they manage (data leakage).


According to the Director General of Information Applications at the Ministry of Communication and Information Semuel A. Pangerapan, the PDP Bill is a more comprehensive legal umbrella for personal data protection and can guarantee the protection of personal data for the public. However, the existence of adequate regulations is not enough without digital awareness and literacy.


Digital literacy plays an important role in efforts to improve the protection of personal data. There are three easy steps that can be taken to maintain the security of personal data: (i) being careful not to give consent or click on links that are not clearly sourced, (ii) not storing all passwords on cell phones or other devices that are not properly encrypted, and (iii) reserving the right to refuse irrelevant data requests.



New Implementation Rules


The latest implementation rules call for administrative sanctions to be imposed on violations of the company's obligations in implementing the PDP. Based on PP 71/2019, there are several principles regarding the collection and processing of personal data, namely that it be performed legally, that it guarantee the owner's rights, and that it protect the security of personal data from misuse, alteration, loss, and destruction. Furthermore, the collection and processing of personal data must be carried out according to its purpose and with the knowledge and consent of its owner. Such personal data should be deleted or destroyed except during the retention period.


VIDA's Co-Founder and CEO Sati Rasuanto explained in republica.co.id, that as a PSrE, VIDA has several principles in ensuring digital identity that is in line with the PDP Bill, namely security, consent and transparency.


VIDA's role as PSrE under Kominfo


As a PSrE, VIDA has helped the government's mission to create a secure digital ecosystem in Indonesia. VIDA guarantees the security of consumers' personal data in online identity verification process services through world-class technology and standards.


Armed with a VIDA electronic certificate, the decision to authenticate digital services or process digital signatures rests with the user entirely. VIDA safeguards the user's personal data and is used only for the user's purposes, by implementing end-to-end encryption for all data transmissions.


As a PSrE under the Ministry of Communication and Informatics, VIDA has the legality and validity of digital signatures in the eyes of the law and the courts. VIDA is the first PSrE in Indonesia to obtain global WebTrust accreditation for the application of internet security standards and the first PSrE from Indonesia to be included in the Adobe Approved Trust List (AATL) or Adobe's list of trusted partners. In providing online identity verification services, VIDA is also listed as an e-KYC Cluster Digital Financial Innovation (IKD) provider registered with the OJK and the regulatory sandbox at the OJK.



About VIDA Verify


VIDA Verify is a solution from VIDA to verify digital identity to help service providers verify their customers with a high level of security and increased user convenience. VIDA uses several official references and legal sources from a real-time identity database to verify the identity of users so as to prevent online identity fraud by up to 90%. VIDA stores customer biometric data with customer permission and approval, which is used only for verification purposes required by customers and service providers.


VIDA uses several technologies and AI to perform identity verification, mainly using Biometric Verification and Liveness Detection with various integration models that can be tailored to the needs of service providers.


To find out more about VIDA Verify or use our service right away, please click here.




Read: 7 Ways That Biometric Verification Can Prevent Personal Data Forgery

71 views0 comments