JAKARTA - The increasing number of activities carried out online makes the risk of misuse of personal data even greater and leakage of personal data can occur even though maintenance has been carried out. In addition, the forms of attacks in cyberspace are increasingly diverse, both technical and social personal attacks and exploitation of sensitive issues in the community.

This was conveyed by the Director of Information and Communication, Politics, Law and Security, Ministry of Communication and Informatics, Bambang Gunawan, in his remarks represented by the Head of the Legal and Human Rights Information and Communication Team, Astrid Ramadiah Wijaya, at the Digital Law and Human Rights Literacy Forum (Firtual) with the theme Cermat and Critical Protect Personal Data in Makassar 16 February).

"Several cybercriminals also continue to take advantage of the development of existing digital technology to create new modes of crime, such as data theft cases using failed types of Application Package Files or APK under the guise of wedding invitations or by utilizing social media facilities that have the potential to cause fraud or theft of personal data," he explained.

President Joko Widodo has passed Law Number 27 of 2022 concerning the Protection of Personal Data on October 17, 2022. This is a marker of a new era of community personal data management, especially in digital affairs. The Ministry of Communication and Informatics continues to encourage the implementation of educational programs, literacy, and increased awareness of personal data protection (PDP) that involve various parties on a wider scale. This aims to provide understanding to the public regarding the implementation of the PDP Law and encourage the public to pay more attention to the confidentiality of their personal data.

"This socialization is expected to be a moment for all system managers, both government and private, to move together to maintain the security of personal data and increase public digital literacy to be more aware of the security of personal data," he said.

Starting the first session, Plt. The Head of the Makassar City Communications and Information Service, Ismawati Nur, said that actually personal data is the rights and constitutional rights that are protected. According to him, the public must also be able to measure which data can be submitted to people or other institutions.

"Always do the concept of thinking when you are about to act, both offline and online because we have to take action under our natural awareness. The key is self-security comes from our self-control," he explained.

According to him, Kominfo as part of the government is given a very large role to play in protecting electronic activities, both web-based and mobile. He revealed that currently Kominfo is building an electronic-based government system, including cybersecurity.

I always warned to always be aware (aware). The key to personal data security is awareness and understanding of what can be shared and what must be covered up. That's all the key, think before acting, think before clicking," he said.

Regarding the Personal Data Protection Law (UU PDP), the Head of the Personal Data Protection Supervisory Team of the Directorate General of Aptika, Ministry of Communication and Informatics, Rajmatha Devi, who was present online, said that the presence of the PDP Law would provide a universal primary regulation for Indonesia to maintain and regulate the protection of personal data of Indonesian people wherever they are.

"This PDP Law also regulates community participation and prohibitions in the use of personal data that can result in criminal sanctions. In the future, we must be more careful regarding the protection of personal data," he explained.

He also revealed that the PDP Law regulates in detail the way personal data is processed, starting from data acquisition, where a person's personal data is collected, processed, stored, updated, displayed, and announced, until the data is deleted.

Personal data processing by personal data controllers or data managers must be based on the principles of personal data processing and must have a legal basis to be able to process these personal data. This is all in the law," he said.

In addition, he also said that the point of view of the PDP Law is the subject of Personal Data, or the owner of personal data itself. This law emphasizes the rights of Personal Data jurisprudence, especially in the management of personal data.

These rights which are then answered in the PDP Law with the obligation to Control Personal Data to be able to fulfill and ensure that the rights of Personal Data Subjects can be carried out. So Personal Data Control or companies and anyone who manages personal data must fulfill all their obligations in this law," he said.

On the same occasion, Cybersecurity Practitioner, Budi Rahardjo, who was also present online said that cybersecurity issues in Indonesia are no different from other countries. According to him, the only thing that distinguishes is the scale problem due to the large number of people and internet users in Indonesia.

There are actually only three cyber security issues, namely confidence, integrity, and availability. Confidentity or confidentiality which means data must not be leaked, integrity means data must not change, and the last thing is availability, namely the system must always run," he explained.

Regarding privacy or personal data, according to Budi, it is included in the confidence. He added that personal data is important because it is often used as part of authentication to recognize someone in cyberspace, such as passwords, PIN (personal identification number), cards, cell phone numbers, and biometrics such as fingerprints and faces.

Budi argues that, related to personal data, problems common to passwords (keywords) and PINs. According to him, if a survey is conducted, it is almost certain that the date of birth, both yourself and your relatives, is used for passwords and PINs.

"In Indonesia, we consider the KTP to have leaked and has become a part that is known to people. So that application developers should not be allowed to use ID cards anymore to be part of the authentication. So if there are applications or services that ask for ID cards as part of the authentication, I think it's wrong," he explained.

Budi also said that to create a good password, don't use personal data or those related to us such as date of birth or address.

Budi also added tips, "Don't use the password of the words in the dictionary, it's not allowed, because the computer will try to crack using the dictionary. Passwords must also be updated (updated) periodically and don't use the same password for different services."

The factual event, which was attended by more than 400 participants from students, students, and the general public in a hybrid (offline and online) manner at Novotel Makassar Grand Shayla, can be watched again on the YouTube channel of the Directorate General of IKP Kominfo. This activity aims to provide understanding to the general public regarding the implementation of the PDP Law, the importance of cyber security, the risk of personal data theft in Indonesia and invites the public to be careful and critical in maintaining the security of personal data.


The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)