JAKARTA - The PeduliLindung application is again a public conversation. After being suspected of having user data leaks, now several information technology practitioners have revealed allegations of improper sending of PeduliLindung data outside the application server. And after being traced, the user data was allegedly channeled to a domain whose address had something to do with the Blanja website, a subsidiary of Telkom. The question is what is the data for?

The news stems from the analysis of a Security Engineer, Yahya F. Al Fatih. Through his Youtube video, he revealed that two anomalies were found. First, the application stores device data manually, secondly the data is allegedly sent to strange websites outside Indonesia.

Yahya's curiosity to analyze PeduliLindung's data appeared when someone on Twitter asked why this application needed search history and browser history data from its users. For this reason, he performs static and dynamic analysis to see how the application works.

Strangeness appeared. The first is about why the application sends user data manually to a database outside the PeduliLindung vendor. The contents of the data are more or less the name, event, login time, device name, device memory, device operating system, application version, cellular operator. And according to Yahya, in fact the application plans to record more data than that.

"But in reality they plan to record not only that data, this data as well: country; city; longitude; latitude; activity1; activity2; activity3; custom1; custom2; custom3; email; name; phone; gender; ip address," he said. Yahya to VOI.

Yahya explained why this manual data recording is called an anomaly. The problem is, he said, when it comes to user activities, PeduliLindung already has an analytical data storage vendor from http://app-measurement.com and crashlytic vendors. "So why send manuals on these activities?" said Yahya.

Results of the analysis (Source: Yahya F. Al Fatih)

Yahya sent an image of the data that was planned to be recorded. But he said it was just a plan, because from what you can see in the picture, the data written '-/n' means empty. "I don't understand if the blank data was actually recorded or not."

The weirdness doesn't stop there. According to Yahya, the data that had been recorded or planned to be recorded was sent to the track.analytic.rocks website. "If you describe it, there is a trusted network that clearly has a PeduliLindung vendor, and there is track.analytic.rocks, which it's not clear who owns it."

And apparently from Yahya's analysis, the track.analytic.rocks domain is related to Blanja, an e-commerce site that was once created by Telkom in collaboration with eBay. "To be precise, the track.analytic.rocks domain has something to do with Blanja where the vendor is a subsidiary of Telkom."

PeduliLindung data flow overview (Twitter/Not Yahya)
About Blanja

As is known, Blanja or Blanja.com is a joint venture company between PT Telekomunikasi Indonesia and eBay. The company officially ceased operations on September 1, 2020. However, the closing of Blanja.com was not judged to be due to losing competitiveness with other e-commerce.

As disclosed by Telkom's Director of Digital Business, Fajrin Rasyid, the reason for closing Blanja.com is because Telkom will only focus on the e-commerce business in the corporate and MSME segments through business to business (B2B) transactions. "This is part of the company's strategic steps to develop the e-commerce business in a better direction, in line with the company's long-term strategic plan in order to increase the company's profitability," said Fajrin.

Ignatius Untung, General Chairperson of the Indonesian E-Commerce Association (idEA) confirmed the reason for the cessation of Blanja.com operations. According to him, the closing of Blanja.com was because he wanted to shift his focus to the corporate and MSME segments. And that doesn't mean the platform, a subsidiary of PT Telekomunikasi Indonesia, can't compete with other competitors.

“Blanja.com is not not strong enough to compete but does not want to compete with them [other e-commerce]. Telkom and eBay have the ability and money, even to fight e-commerce giants such as Shopee, Tokopedia, Blibli, Bukalapak, and Lazada," he explained, quoted by Bisnis.

Even uniquely, Telkom's stock rate rose after the company announced the closure of the Blanja.com site. Based on Bloomberg data, Telkom shares rose 1.38 percent or 30 points to 2,940 on Wednesday, September 2, 2020.

The most valuable commodity

Coming back to the data, we are still facing a number of big problems related to it. Especially regarding the commodification of personal data. Maybe there are still many people who underestimate the importance of individual personal data. Not a few also underestimate the "price" of the digital data we have, especially those related to privacy.

Maybe from the perspective of one person's personal data, there are still many who think it is not too valuable. But the story will be different if the data is collected in large quantities or commonly called big data.

According to Yahya, it is easiest for us to see that personal data can be used for the purposes of advertising targets and selling data. "Obviously (the use of data) is for data and advertising targets... If selling data as in, it is not a public business model," said Yahya.

And back to the data that PeduliLindung allegedly sent to the track.analytic.rocks domain, according to Yahya, it remains a mystery. "We don't know what server is used for."

In the article entitled Who is the Master of Personal Data and Why is it Important to Master it, it is explained how valuable personal data is, especially when used for business purposes. In the midst of a high dependence on human digital activities, personal data is even the most valuable commodity on earth beating oil.

For example, last year, US technology companies overtook Saudi Arabian oil company Aramco as the world's most valuable company. Apple's stock was recorded to have ended at the level of 425.04 US dollars with a market capitalization of 1.82 trillion US dollars in trading on Wall Street. Meanwhile, Aramco, which has become the most valuable company since going public last year, recorded a market capitalization of 1.76 trillion US dollars.

"The shift in the world that is increasingly digital causes the value of data to be higher. Data is the most valuable commodity on earth today. In the past, black gold, oil. Now, the big ten (on Wall Street) are IT companies. So, de facto, data is the most valuable commodity," cybersecurity expert Alfons Tanujaya told VOI.

In addition, Alfons believes that the COVID-19 pandemic will control the price of personal data. Because this disaster will encourage extraordinary penetration in the digital business sectors, especially e-commerce.

"Without COVID-19 alone, data becomes the most valuable commodity. With COVID 19, (the value of data) accelerates tremendously. E-commerce penetration is more powerful. WFH people. This makes data that supports the e-commerce business become the most valuable commodity again," said Alfons .

This is also evidenced by the notes inscribed by Amazon on Wall Street. The company that provides online retail market as well as cloud computing service provider managed to inflate more than 90 billion US dollars. The additional capitalization value of 5 billion US dollars was inscribed by Jeff Bezos' company on Thursday, April 30.

Capital market observer Hans Kwee presents a view of data as money. According to him, technology companies like Apple and Amazon have such large databases. In the realm of the business market, mastery of personal data is important.

"In practice, this data is carried out by Facebook, Google, Twitter, it maps people's personal data. What is this hobby? Once the data is there, it becomes expensive. Because we can sell effectively," said Hans.

"So, economically, I want to sell goods. I have a product called a cellphone. Now, if I advertise, everyone sees it, it's not useful because I am not a segment of people. So personal data is what makes sales effective," he said.

*Read other information about PeduliLindung or read other interesting articles from Ramdan Febrian Arifin.

Other BERNAS


The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)