KKI's lawyer, Akhmad Zaenuddin, in a written statement here on Wednesday, cited Tokopedia's negligence as the reason behind the leak.
In line with existing laws, personal data is confidential and must be stored, maintained, and protected.
The regulation is contained in Article 1, number 22 of Law Number 24 of 2013 on Amendment to Law Number 23 of 2006 on Population Administration in conjunction with Article 1, number 20 of PP Number 71 of 2019 on Operation of Electronic Systems and Transactions in conjunction with Article 1, number 1 of PM of Communication and Information Number 20 of 2016 on Protection of Personal Data in Electronic Systems.
The state necessitates every party that obtains personal data to maintain confidentiality and protect the personal data and privacy of citizens conducting electronic transactions.
KKI Chairman David Tobing also expressed regret over Tokopedia not divulging details of the data that was stolen and mishandled by a third party.
The Communication and Informatics Ministry also faces legal action over its ineptness in supervising the implementation of the electronic system to prevent leakage of personal data.
The ministry is tasked with controlling, inspecting, tracking, and securing personal data in line with Article 35 and paragraph (1) of Government Regulation (PP) Number 71 of 2019.
Minister of Communication and Informatics Johnny Plate had earlier spoken of his ministry having formed a team with the National Cyber and Crypto Agency (BSSN) and Tokopedia to evaluate the data leakage case.
In the meantime, the government ensures that the digital economy, especially e-commerce activities, can run smoothly, as it is following up on the data leakage case and streamlining security systems to protect user data. Related news: E-commerce actors support planned regulation of imported goods
Related news: Tokopedia secures US$1.1 billion in latest financing round