Member of the House of Representatives (DPR) Commission I Willy Aditya criticized the Ministry of Home Affairs for providing population data access to 13 banking and non-financial institutions. He also considered that the company’s reason for requesting access to citizens’ personal data to the Ministry could not be taken for granted.
According to Willy, Law No. 11/2008 concerning Information and Electronic Transactions (UU ITE) clearly limits access to personal data. “Because this personal data concerns citizens ‘privacy rights that must be protected, anyone who makes citizens’ data accessible to others must meet the requirements of the law,” Willy said in a written statement, Friday, June 12.
Willy said that the Ministry of Home Affairs may open access to the subject of data approval. It must also meet the security and protection requirements affirmed by ITE Law and Minister of Communication and Information Regulation Number 20 of 2016.
This NasDem Party politician also questioned the approval of data subjects for the decision taken by the Ministry of Home Affairs. He also questioned the data protection system certificate from the collaboration between the ministry and the companies.
The Directorate General of Population and Civil Registry Agency (Dukcapil) of the Ministry of Home Affairs previously signed a collaboration on the utilization of population data with 13 banking and non-banking financial institutions.
Director-General of Dukcapil of the Ministry of Home Affairs, Zudan Arif Fakrulloh argued that his party did not provide access to population data, but only access to customer data verification.
Zudan said these institutions were required to provide and maintain the confidentiality of customer data. The data is then matched with Dukcapil data.
According to him, the Ministry of Home Affairs population data was basically used for all purposes, including public services, development planning, budget allocation, democratic development such as elections, as well as law enforcement and crime prevention.
Zudan claims that not just any institution can propose cooperation on the utilization of this population data. He said there were a number of conditions that had to be met, including the company’s legality, recommendations and approval from the Financial Services Authority, and others that had been regulated in the law.
Executive Director of the Institute for Community Studies and Advocacy (Elsam) Wahyu Wagiman criticized the Ministry of Home Affairs’ move to provide population data to 13 financial institutions. The data is vulnerable to misuse by other parties.
Wahyu said that he did not rule out the possibility of the data being used by third parties for his interests, without the permission and knowledge of the data owner. This abuse can be the inclusion of advertisements that are not desired by the data owner, even being misused for conducting transactions on behalf of the owner of the population data.
The Ministry of Home Affairs, Wahyu said, as the party responsible for managing population data should have considered these impacts before adopting a policy of cooperation with the 13 financial institutions. Cases of hacking of personal data should be used as a reference.
Member of DPR Commission I, Sukamta said that currently, the aspect of protecting data is indeed prone to not being fulfilled, because the Personal Data Protection Bill (PDP Bill) will only be discussed at the DPR this year.
The Deputy Chairperson of the PKS Faction emphasized that valid population data is indeed for the benefit of national development. Including of course for business affairs that turn on the pace of the economy.
Sukamta continued that his party would manage this data access issue later in the discussion of the PDP Bill. In this discussion, it will be emphasized regarding who can access personal data, what are the terms and limits, what are the terms of monetization from accessing this data (whether it needs to be paid or free), and so on.
He said strict sanctions would also be regulated in the PDP bill to be able to provide a deterrent effect in order to minimize data misuse.
The thirteen institutions are PT Affinity Health Indonesia, PT Ammana Fintek Syariah, PT Astrido Pasific Finance, PT Bank Oke Indonesia Tbk.
Then PT BPR Tata Karya Indonesia, PT Commerce Finance, PT Digital Alpha Indonesia, Dompet Dhuafa Republika Foundation, PT Indo Medika Utama, PT Mitra Adipratama Sejati Fina.