– Indonesia ICT status
Since 2010, the Indonesian Internaltiona Communication Technology (hereinafter referred to as 'ICT') market has grown at an average annual rate of 13%, solidifying its position as the largest digital market in Southeast Asia by the end of 2010. Huge ICT companies have grown into Asian unicorns.
This is because the number of ICT users has increased further as the mobile usage of young Indonesians increases and the urbanization of the region and the lifestyle of Indonesians change. Furthermore, this market has developed.
In the future, in Indonesia, active businesses will occur in various ICT industries such as big data, digital payment and cyber security, artificial intelligence, Internet of Things (IoT) and even cryptocurrency, which have already grown significantly in other developed countries. Infrastructure development for data storage and data processing is expected to accelerate. As a result, data security capabilities are becoming more important with the development of infrastructure in the data industry. In a survey on the most important factor in choosing a cloud provider before the pandemic, 77% of Indonesian enterprise respondents said that the solution's ability to work well with existing solutions/IT infrastructure was the ability to integrate, and 62% of respondents said that security ability was not. answered that it is important. However, after the pandemic, this order has changed where security capabilities are more important than the interoperability of existing solutions. As the digital business expands in the future, security capabilities have become the most important factor when selecting a cloud provider, and this point will not change in the future.
However, at a time when the importance of rapid ICT growth and security is being emphasized, the enactment and application of Indonesian law, which is still not speeding up, is approaching as a problem. For example, in Indonesia, where consumer protection and data protection laws for overall ICT-related services are not yet clearly enacted, a large number of personal information uploaded by individuals is exposed to the risk of misuse, and consumers' personal information is easily transmitted to third parties or third parties. As it is delivered to companies, there are problems of secondary and tertiary damage. In this article, we will look at several legal considerations affecting the ICT sector in terms of consumer protection and data privacy.
Act on the protection of personal information
According to the government decree GR 71/2019, in order to acquire all electronic personal information, it is stipulated that personal information must be clearly informed of the purpose of obtaining information from the individual and the consent of the individual must be obtained. In addition, it is emphasized that personal information obtained by electronic information service providers should be limited in their use and used appropriately for their purpose.
In addition, for the protection of personal information, except for purposes restricted by law (eg. national security information and financial information), the right to access personal information held by the company without any data system restrictions and personal history You can go to the right to acquire.
However, in reality, according to Indonesian law, there is no specific law enacted about the clear meaning of the 'purpose' itself and the limit of the scope, and it is a reality in Indonesia that businesses are using the purpose by interpreting it broadly depending on the situation.
The underlying law for processing
According to Indonesian law, in order to process and analyze personal information with personal information, the purpose of collection must be accurately informed at the time of obtaining his or her electronic information from an individual, and personal information may be used only for the purpose for which it was notified. . Therefore, in order to analyze and process any information, it is necessary to obtain each consent for the action, and if an individual does not want processing, he/she has the right to refuse processing, and such information must not be passed on to a third party. No.
However, in Indonesia, there is no precise concept of processing or a law according to it, and there is no law that can clearly sanction the illegality of processing when it is processed.
Restrictions on the use of personal information
According to Government Decree GR 71/2019, if the purpose of using personal information has ceased to exist, personal information for that purpose must also be deleted at the request of the individual. A company can retain personal information for 5 years, but if an individual wants to delete personal information, the business operator has an obligation to delete the data.
conclusion
Currently, many developed countries are enacting the Personal Information Protection Act and laws to promote the use of information and communication networks in order to activate the use of data. In other words, the use of data is promoted so that various businesses can do business using the information, but the law has been revised so that personal information is not damaged as much as possible, so that, in any case, personal information is not directly transmitted to a third party and misused. . In spite of this global trend, the Indonesian government has not yet enacted laws for safe data use or fundamental laws for safe business use with information.
In the future, if the data usage rate increases and IT technology develops further in Indonesia, it will be difficult to protect personal information and IT-related matters to respond to various changes with a simple law. Therefore, in order for many Indonesian IT companies to conduct business more freely and for users to trust and trust such companies, Indonesia's active efforts and will to improve are necessary. it looks like