KPU Legal Counsel Calls Information Related To Sensitive Alibaba Cloud
JAKARTA - The attorney for the General Elections Commission (KPU) said information related to typology, physical servers, servers-serverclouds (cloud storage) and networks, the location of each tool and network, to details of cybersecurity tools, including Alibaba Cloud, are sensitive information.
"We as the respondent convey that the information requested by the respondent is excluded information," said KPU attorney Endik Wahyudi in the Gambir area, Jakarta, as reported by ANTARA, Wednesday, March 27.
Endik explained that the exception of the information was based on KPU Decree Number 333 of 2024 concerning Determination of Public Information Excepted at the KPU.
He said the excluded public information was Sirekap (Recapitulation Information System), details and internet protocol (IP) addresses of Sirekap servers, Sirekap tools and networks, as well as details of cyber equipment and security.
Furthermore, he said, Alibaba Cloud and Sirekap services, procurement processes and Sirekap cloud services contracts, election results information in the form of raw data, as well as voter list information in general elections in the form of raw lists.
"Including open information as long as it does not contain personal information and/or the names listed have given written approval," he said.
Endik detailed that topology is excluded by considering potential security threats that are feared to provide insight to attackers to data theft.
He then explained that physical server information was excluded due to potential physical attacks such as theft or hardware manipulation, to phishing.
Next, he said, cloud server information was excluded because of the risk of account ownership, data theft, and data manipulation.
"Fourth, the location of each network tool is excluded due to the dangers of physical attacks," he said.
Furthermore, he said, information related to security equipment is excluded to deal with attacks, such as denial-of-service (DDoS) distributors.
"Lastly, regarding the details of Alibaba Cloud's services, including the procurement process between the KPU and Alibaba Cloud," he said.
He explained that although based on Article 11 paragraph (1) letter e of Law Number 14 of 2008 concerning Public Information Disclosure, it was open, but according to him, the information was sensitive.
"Which, if given in the form of original copies, will trigger the risk of malinformation in the community," he explained.
Previously, as many as three registered information disputes were submitted by the Indonesian Constitutional Rights Advocacy Foundation (YAKIN) as the reporter to the KPU as the reported party.
SEE ALSO:
Meanwhile, the information dispute trial includes a request for information with register number 001/KIP-PSIP/II/2024, which asks for real count information (real count) in the form of raw data such as daily.csv files.
Next, a request for information with register number 002/KIP-PSIP/II/2024, which asks for detailed information on KPU information technology infrastructure related to the 2024 election, including topology, physical servers, cloud servers (cloud storage) and networks, the location of each tool and network, to details of cybersecurity tools.
The petitioner also requested details of the Alibaba Cloud services used, including the process of procuring cloud services and contracts between the KPU or its representatives and Alibaba Cloud.
Finally, a request for information with register number 003/KIP-PSIP/II/2024, which asks for fixed voter list data (DPT) information and election results data which includes total votes, valid votes, raw and complete votes for the presidential, legislative and regional elections from 1999 to 2024.sal