The ratification of this bill must be done immediately to offer security guarantees for the creation of an inclusive and safe digital economy ecosystem.
Jakarta (ANTARA) - The Center for Indonesia Policy Studies (CIPS) has called for the immediate ratification of the Personal Data Protection Bill as it could boost the digital economy's contribution to economic recovery.

"The ratification of this bill must be done immediately to offer security guarantees for the creation of an inclusive and safe digital economy ecosystem," CIPS researcher Pingkan Audrine said in a statement received here on Tuesday.

The discussion of the bill has been on for a long time, but it has borne no result yet, she noted. According to data from the Communication and Information Technology Ministry, the national digital economy has the potential to reach US$146 billion by 2025 and further increase to US$330 billion by 2030.

"This potential must be (tapped into), one of which is by providing security guarantees for digital interactions, such as financial transactions and personal data security," Audrine said.

The bill's ratification would assign personal data controllers the responsibility of maintaining the security of users' personal data, complete with sanctions for negligence or violations.

This would encourage personal data controllers to implement best practices to protect users' personal data.

Related news: Hope personal data protection bill deliberations to end soon: minister

If the bill is passed, data controllers would be required to submit a written notification, no later than 72 hours, to the data owners and the supervisory agency in the event of a data breach or failure of personal data protection.

Transparency in reporting is vital. The current policy provides a grace period of 14 days.

It is very important for companies to be transparent, inform their users, and explain the steps that they would take to mitigate risks and the steps that users must take in case of a data leak.

"In addition to providing clarity regarding the obligations of data controllers, consumers, as data owners, are also expected to be well-informed about their rights and obligations, the type of information they can share, and parties that can assist them in solving issues related to digital transactions," she said.

Currently, personal data protection is regulated by 32 laws and several derivative regulations, Audrine noted.

As a result, many ministries and agencies are conducting the implementation and supervision of this issue. Personal data misuse in e-commerce is regulated by some laws, including the Telecommunications Law, the Information and Electronic Transactions Law (ITE), the Consumer Protection Law, and the Trade Law.

The issue of personal data protection is indirectly under the purview of the Trade Ministry and the Communication and Information Technology Ministry.

"Implementation and supervision of consumer protection will be difficult without strong coordination from those ministries," Audrine remarked.

Related news: Expert pushes government to ratify personal data protection bill
Related news: Legislator seeks support for personal data bill ratification








Translator: Ade Irma J, Mecca Yumna
Editor: Suharto
Copyright © ANTARA 2022