In this global era where all human need is already integrated with technology, we live in a transparent box. Humans feel they have privacy, but in fact, everyone may know and access all information, even down to the most privacy of the person itself.
Earlier, Mark Zuckerberg, as CEO of Facebook gave his apology and clarification for the leak of personal data belonging to Facebook users. He did it in a few columns of newspapers in Europe and America. Then, on May 25, 2018 the EU will enact the GDPR (General Data Protection Regulation) of all EU residents as reaction and protection of the leakage of personal data of Facebook users.
On the other hand, technology is growing rapidly in ASEAN countries. The citizens in ASEAN countries also have been becoming media social users, so that in recent years ASEAN countries are aware of the importance of introducing data protection laws, such as rules govern on how private data is collected, used, disclosed and stored, especially to avoid leakage of such personal data. A total of 1.17 million Facebook users data on the Phillipines and 1.09 million personal data of Facebook users in Indonesia have been abused.
In practices, several countries in ASEAN such as Singapore, Malaysia and the Philippines are currently intensively enforcing laws related to data protection. The data protection arrangements in Singapore itself apply to organizations, individuals, companies, associations, and are governed by the laws of Singapore, so do in Malaysia and the Philippines.
Currently, Indonesia has a new and comprehensive draft law concerning the protection of personal data, and other previous related laws that are valid as listed below:
- Law Number 7 Year 1971 concerning Basic Provisions of Archives;
- Law Number 8 Year 1997 concerning Company Documents;
- Law Number 10 of 1998 concerning Amendment to Act Number 7 of 1992 concerning Banking;
- Law Number 36 Year 1999 concerning Telecommunication;
- Law Number 23 Year 2006 challenges Population Administration (UU Adminduk),
- Law Number 36 Year 2009 on Health;
- Law Number 19 Year 2016 concerning Information and Electronic Transaction.
Law Number 19 Year 2016 has not specifically regulated personal data protection of internet users, but it is explained that the use of any personal data in the electronic media shall obtain the consent of the owner of the data, and any person who infringed his right may file a claim for damages incurred based on article 26.
Thus, there is also Government Regulation No. 82 of 2012 concerning the Implementation of Electronic Systems and Transactions (PP PSTE). In Article 1 paragraph (1) of PP PSTE, it is explained that electronic system is a set of electronic devices and procedures that prepare, collect, process, analyze, store, display, publish, transmit, and/or disseminate electronic information. In accordance with Article 15 paragraph 2 of PP PSTE, if the data is leaked or failed to be protected by electronic system provider, the operator shall notify the owner of the data in writing.
It may be concluded that Indonesia already has rules governing the protection of personal data. Although they are not specific and comprehensive yet, but personal data protection is applicable on certain violations and abuses. Social media users should also be wise and aware to control over their personal data, so that it may not easily be misused.