Indonesia Cyber Crime Emergency, Tokopedia Has Leaked Data Of 91 Million Users: The Ratification Of The Personal Data Protection Bill Is Considered Urgent

Illustration (Photo: Doc. Antara)

JAKARTA - Chairman of the Indonesian Cyber Research Institute, Pratama Pershada, said the government and parliament need to accelerate the ratification of special regulations that can be used as a legal umbrella for consumer protection related to digital activities and data protection.

According to him, this is very much needed in the midst of the massive development of information technology in recent years. Moreover, there are many records of cyber violations that harm the community.

“Why are there frequent weaknesses, frequent data leaks? Because indeed in Indonesia there are no rules that can force all electronic system operators to secure their systems," he said in a virtual discussion themed Indonesia Cyber Crime Emergency on Tuesday, November 9.

Pratama added, this is exacerbated by the absence of comparable rewards that can be imposed on digital security violators.

"There are no strict sanctions when there is a data leak or an attack on a system occurs," he said.

For this reason, Pratama assesses that the ratification of the Personal Data Protection Law (PDP) can be a comprehensive solution to present a good data security ecosystem.

"With the PDP Law, it should be able to force all electronic system operators to secure their data, because if they are not prepared, criminal and civil penalties will await," he said.

Pratama stated that one of the sanctions that can be applied is a fine with a large enough amount so that it has a deterrent effect on the perpetrators of digital crimes so that they do not happen again in the future.

"The state can give a fine of up to Rp. 100 billion if it is proven that there is a crime or negligence that causes public data to leak. Until now, no, at least only a warning or a maximum written warning," he said.

One of the things that this IT expert highlighted was the problem of data leakage that occurred in an online trading company in the country.

“For example, Tokopedia has clearly leaked 91 million consumer data, but until now they have not been punished, why? Because they put themselves as victims. This shouldn't happen again. If there is a PDP Law, the manager can be subject to an article," he said.

He also then compared the legal instruments in several countries that already had laws-level regulations to protect consumer data.

“In Hong Kong there is a maximum prison sentence of two years and a fine of $1,000 per day. Then, in Singapore a prison sentence of three years and a fine of up to 790,000 dollars. Then in South Korea there is a prison sentence and a fine of up to 92,000 dollars," concluded Primary.