Observers Express The Implementation Of Payment ID Needs Solid Regulational And Security Basin

JAKARTA - Jakarta Veterans UPN Public Policy Economist and Expert Achmad Nur Hidayat assessed that the use of the Population Identification ID system (NIK) is a progressive step towards a modern digital financial system.

However, he reminded that the implementation of this policy without strong regulatory support and reliable security infrastructure is at a very high risk.

"The government should learn from cases of data leakage in the past, as well as imitate countries that place data protection as a national priority. Before Payment ID is implemented, ratification and enforcement of strong data protection regulations must be a priority," he said in his statement, Thursday, August 7.

He said that the regulation must contain strict sanctions for all parties, both industry and government institutions who neglect to maintain data security.

In addition, Achmad added that independent audits and supervision were needed by various parties to prevent the monopoly of data access.

"Every access must be recorded, audited, and searchable," he said.

He said that public education and socialization is also very important so that people understand their rights to personal data and know how to protect themselves from potential abuse.

Achmad said the government must ensure that the security system, including anti-hacking, data encryption, and disaster recovery, had been running optimally before Payment ID was launched.

"Digitalization is a necessity, but it must go hand in hand with the enforcement of citizen digital rights. NIK-based Payment ID can bring Indonesia to the modern financial era, but without solid data protection, we only exchange comfort for potential loss of privacy and digital sovereignty," he said.

He conveyed that Payment ID must be closely maintained not only by the government, but by the entire nation's ecosystem.

"Don't let, for the sake of efficiency and convenience, we open the door to a greater threat to the nation's rights and future," he added.

Achmad said the Government could learn from other countries about regulations and strict sanctions such as EU member countries having shown a strong commitment to data protection through regulations such as the GDPR (General Data Protection Regulation).

"Every institution that neglects to protect citizen data can be fined billions of euros. Right to be forgotten is guaranteed, and data access must be reported transparently," he stressed.

He conveyed that although Indonesia already has the Personal Data Protection Law (UU PDP), its implementation is still not optimal and sanctions against data violations are often not consistently enforced, both for the private sector and government agencies.

"If Payment ID is implemented before the regulations are mature, we will only add new risks without a real solution for protecting people's digital rights," he concluded.