JAKARTA - Cyber security expert Pratama Persadha assesses the government's plan to place the Personal Data Protection Commission (PDP) under the National Cyber and Crypto Agency (BSSN) will not run smoothly or less than optimal.
The proposal emerged after there was a difference of opinion between Commission 1 of the DPR and the Ministry of Communication and Information (Kemenkominfo) regarding where the PDP Commission's position would be placed later.
"The discourse of placing the PDP Commission at the Kemenkominfo alone is disproportionate, then a discourse arose with the reason that a middle way for the PDP Commission under BSSN, this is not better. Moreover, the BSSN has just been formed, its authority is also not maximized," said Pratama in a statement received by VOI, Thursday, April 7.
"BSSN must be given a strengthening of authority in securing cyber areas, not even adding the task of handling disputes which will later be in the PDP Commission, this clearly deviates far from the ideals of personal data protection," he added.
According to Paratama, the birth of the PDP Bill must be made very powerful and unambiguous, so that it can carry out its functions optimally. For example, to regulate the obligations of corporations and state institutions to secure and regulate the private data of the people they manage, the PDP Commission must be in a strong position in the state hierarchy.
Pratama explained that the placement of the PDP Commission under Kominfo and BSSN would have the potential to collide with various interests because of the weak position of the PDP Commission itself.
"The PDP Commission is the spearhead of the PDP Law itself, so it must be placed in the highest possible position in order to carry out the mandate of the Law to the fullest," said Pratama.
Pratama added that the PDP Commission is an organization formed on the basis of a law, while the formation of the BSSN itself is based on a Presidential Decree. It is feared that this will cause problems in the future.
"BSSN needs to strengthen its authority to continue to oversee the security of our cyber area. We can see that throughout the pandemic, hacking and data leaks took place in state institutions, even including the BSSN itself, then in the Ministry of Health, the Police and other state institutions. Therefore, it is not wise to give BSSN a workload that is not its main function, namely personal data issues through the PDP Commission," said Pratama.
"Let BSSN focus on cyber security technical matters, coordination and technical authority that needs to be added, not by placing the PDP Commission under it," he continued.
Moreover, Pratama said, the PDP Law is to regulate the use and misuse of data, which is carried out by many large organizations, both private and state institutions themselves. Because of the risk of facing such great power, the position and authority of the PDP Commission should be given in the best place.
"Securing the cyber ecosystem, the protection of personal data is one of the most crucial in it. This has a serious effect, a weak PDP Commission will make the enforcement of the PDP Law weak, in the end, from an economic point of view, it will not be optimal, from a state security perspective it will also be dangerous because this is a large multinational organization as well," said Pratama.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)