The private data leak that impacted millions of Facebook users across the world has stirred up a global hornet’s nest. The international community is affronted, and a simultaneous wave of skepticism and phobia has ensued regarding the threat to privacy.
The advancement of digital information technologies has understandably caused speculation and instilled a deepening sense of worry among everyone involved in the current era of social media.
The pervasiveness of digital technologies cannot be overestimated, however. Our social media timelines are incessantly force-fed with a deluge of information, public and private, from all corners of the world. Data-based digital technologies have turned out to be virtually borderless and all-encompassing. Connections have become increasingly intimate, involving both individuals and communities. Online topics are now at the extremes of diversity; users have consequently ceased to be fettered by time and space.
In the midst of this breakneck and massive era, digital information technologies have undeniably taken up their own niche in the infrastructure of society. The future is tied to the modernization of this technology.
On the one hand, the presence of digital technologies is looked forward to, given their far-reaching application in every walk of life, and none more so prominent perhaps than in social media. This is exacerbated by the fact that the primary users of social media are the so-called millennials, who invest themselves greatly in media forms that are new, simple and have large potential for networking.
On the other hand, digital technologies have proved to be more than a mere “potential” threat to spaces of privacy. The collective unrest against the system of private data protection is not uncalled for. It has recently been exposed that around 1 million Facebook users in Indonesia have been declared compromised as part of the long list stolen by British political consultant Cambridge Analytica, which has shut down.
This figure has put Indonesia as a country with the third-highest amount of private data stolen in the scandal after the United States, with up to 70.6 million and the Philippines with 1.1 million.
True, for the moment, the leak of 1 million Facebook users in Indonesia has not perceivably caused any significant repercussions. This is because a large portion of the data stolen by Cambridge Analytica had already been used for the interests of the US presidential election two years ago. The world has since become wary, including Indonesia, that Facebook’s data leak could be misused by certain parties that would then cause a serious threat to national sovereignty or the process of democratization in Indonesia.
The current unspoken consent of public panic is whether or not the data in our Facebook account is safe.
The data theft of 1 million Facebook accounts in Indonesia must be responded to seriously and involving public engagement. Recently, the House Commission I overseeing information summoned Facebook’s Indonesian representatives to testify in a public hearing. We imparted on them that Facebook’s misconduct has hurt the trust of its users; those in the wrong must be held accountable. We are currently pressuring the government to take firm and forthright action.
In a show of corporate gentlemanliness during the hearing, Facebook admitted its wrongdoings. The company also apologized for the data leak of Indonesian Facebook users and explained in detail how the catastrophe occurred.
We now know that the crux of the problem lies in Facebook’s weak platform policy toward its application developers. An example of this is the “This Is Your Digital Life App”, in which Dr. Aleksandr Kogan presided as consultant and developer. It turns out that the application’s data, wired to Facebook, was misappropriated by Cambridge Analytica.
Facebook itself could not confirm whether or not 2013-2015 data from Indonesia’s Facebook users have been deleted by the defunct consulting firm. Repercussions for Dr. Kogan have also proved insufficient in the face of thieving data from millions of Facebook accounts.
In principle, we demand Facebook to be forthcoming over the leaked data of Facebook accounts and what they were ultimately used for. If it is discovered that the data of 1 million Facebook users in Indonesia had been fraudulently misused and created the potential for a significant threat on state sovereignty and security, then strong action must be taken against Facebook.
The state must be present in order to end public unrest, as well as protect and secure the rights of the public. An investigative audit must be undertaken with a clear time agenda, in order for Facebook to be able to assure the Indonesian public that the leaked data does not present a threat for us.
The House of Representatives supports all concrete steps taken by the government, in this case the Communications and Information Ministry, in blocking Facebook if they failed to be responsible for the data of compromised users.
Progress in the flow of digital data-based information technologies is moving fast. However, the regulations that keep this progress in check are still grossly underdeveloped. There needs to be state control in order to protect its citizens, without intervening in the private spaces of digital use.
We need digital literacy that will link and mediate the interplay within the upstream and downstream sectors of digitalization.
Strengthening regulations on private data protection is a priority for the existing legal umbrella to prove adequate in responding to advancements in digital technology. So far, regulations on private data protection are limited to a single instrument, namely Communications and Information Ministry Regulation No. 20/2016 on private data protection in electronic systems.
This regulation encompasses protection on the acquirement, collection, processing, analysis, storage, display, announcement, sending, dissemination and extermination of private data. Although this regulation is already in place, a stronger legal umbrella in the form of a law is absent. The ministerial regulation only provides administrative sanctions, while a private data protection law can impose strong penalties.
There is an urgent need for a comprehensive private data protection law. Through this legislation, the state will be present to protect its citizens. The House Commission I supports the government to complete this government-sponsored bill by the end of this year at the latest. The Private Data Protection Bill has actually been part of the National Legislation Program for 2015–2019, but is not deemed as a priority.
The bill is important and pressing because Indonesia has no comprehensive policy or regulation on private data protection within a single instrument of law, and the Constitution does not explicitly regulate data protection. However, it implicitly provides the means for protection through articles 28F and 28G (1) on the freedom to store information and protection of data and information.
The writer is vice chairman of the House of Representatives’ Commission I overseeing information and security.
Disclaimer: The opinions expressed in this article are those of the author and do not reflect the official stance of The Jakarta Post.