Encouraging The Contribution Of The Digital Economy, The Bill On The Protection Of Personal Data Is Considered Urgently Needed To Be Passed
JAKARTA - Center for Indonesian Policy Studies (CIPS) researcher, Pingkan Audrine, believes that the ratification of the Personal Data Protection Bill (RUU PDP) needs to be done immediately in order to increase the contribution of the digital economy to economic recovery.
"The ratification of this bill needs to be done immediately to provide security guarantees for the creation of an inclusive and safe digital economy ecosystem," said Pingkan as quoted by Antara, Tuesday, June 21.
According to Pingkan, the discussion on the bill has been going on for a long time without producing any results.
Data from the Ministry of Communication and Information shows that the opportunities and potential of Indonesia's digital economy are predicted to reach US$146 billion in 2025 and increase to US$330 billion in 2030.
"This potential needs to be followed up, one of which is providing security guarantees for digital interactions, such as financial transactions and personal data security," said Pingkan.
He said the ratification of the PDP Bill would emphasize the responsibility of personal data controllers to maintain the security of users' personal data followed by sanctions for negligence or violations.
This will encourage personal data controllers to implement best practices to protect users' personal data.
Then, if the PDP Bill is passed, the data controller is required to submit a written notification no later than 72 hours to the data owner and the supervisory agency in the event of a data breach or failure of personal data protection.
The concept of transparency in reporting is very important. Currently, the applicable policy framework provides a grace period of 14 days.
In addition, it is very important for companies to be transparent, inform their users, and explain the steps that the company will take to mitigate risks and the steps that users must take in the event of a data leak.
"In addition to providing clarity regarding the obligations of data controllers, consumers as data owners are also expected to be well informed about their rights and obligations, what information they can share and which parties can assist them in solving problems related to digital economic transactions," he said. .
Pingkan said that currently, the protection of personal data is regulated by 32 laws and several derivative regulations.
As a result, the implementation and supervision of this issue is spread across various ministries/agencies. The misuse of personal data in e-commerce is at least regulated by the Telecommunications Law, the Information and Electronic Transactions Law (ITE), the Consumer Protection Law and the Trade Law.
Indirectly, the protection of personal data is under the authority of the Ministry of Trade and the Ministry of Communication and Information.
"Implementation and supervision of consumer protection will be difficult without strong coordination from these several ministries," said Pingkan.