TheJakartaPost

Please Update your browser

Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.

Jakarta Post

Human rights groups urge privacy protection in COVID-19 contact tracing efforts

The alliance urged the government to issue data privacy regulations that specifically address the PeduliLindungi app and to be transparent about the data breach that occurred in PeduliLindungi’s database.

News Desk (The Jakarta Post)
Jakarta
Wed, July 1, 2020

Share This Article

Change Size

Human rights groups urge privacy protection in COVID-19 contact tracing efforts The ASEAN Intergovernmental Commission on Human Rights (AICHR) and various human rights organizations have sent an open letter to the Indonesian government, demanding transparency in its contact tracing efforts during the COVID-19 pandemic. (Shutterstock/PopTika)

T

he Indonesian representative to the ASEAN Intergovernmental Commission on Human Rights (AICHR) and various human rights organizations have sent an open letter to the Indonesian government, demanding transparency in its contact tracing during the COVID-19 pandemic.

In an open letter to the Communications and Information Ministry, Indonesian representative to the AICHR Yuyun Wahyuningrum and 13 human rights organizations urged the government to issue a specific regulation on its contact tracing efforts, including on the data collected and how the data should be treated to protect privacy.

“In April 2020, as COVID-19 spread, Indonesia rolled out the PeduliLindungi app. While other countries have released the source code of their exposure notification apps, the only available information about PeduliLindungi is from the government. The source code of the app has never been released and the privacy policy of the app has never been clearly stated at the iOS and Android app stores,” the letter’s signees said in a statement on Tuesday.

Read also: What to know before using PeduliLindungi surveillance app, according to cybersecurity expert

The fact that Indonesia also lacks a robust personal data protection regulation in line with the best practices -- such as that implemented by Europe’s General Data Protection Regulation (GDPR) – raises concerns about privacy protection, they added.

“The data collection process from all contact tracing efforts must be in line with internationally-accepted standards and best practices, particularly the World Health Organization’s ‘Ethical considerations to guide the use of digital proximity tracking technologies for COVID-19 contact tracing,” they urged.

In this regard, the parties request the Indonesian government to “release the white paper and the source code of the PeduliLindungi app under an open-source license”, in which all necessary details of the system’s architecture, functions, protocols, data management and security design are placed.

“The source code should be that of the deployed system, complete, up-to-date and buildable so that the system’s security and privacy treatment can be independently verified. The white paper and the source code must be regularly updated along with the app,” they said.

Furthermore, the government should “provide a clear privacy policy for PeduliLindungi at both the App Store and Google Play. All the elements of how the data is collected, processed and stored must be transparent and in line with international standards and best practices for privacy protection. Users’ informed consent must be obtained before the app can be downloaded”.

Read also: Robust personal data protection critical in COVID-19 fight

In addition, the alliance urged the government to issue data privacy regulations that specifically address the PeduliLindungi app and to be transparent about the data breach that occurred in PeduliLindungi’s database.

“The [Communications and Information] ministry should conduct a formal investigation and report on the incident and take steps to harden the system to prevent a reoccurrence.”

“In keeping with its international commitments to protect the fundamental human right to privacy, the Indonesian government must protect the right to privacy of citizens in any upcoming contact tracing efforts,” they concluded, adding that transparency must be provided to the furthest extent possible in relation to how privacy is treated.

Among the signees are various parties advocating human rights issues, including the Southeast Asia Freedom of Expression Network (SAFEnet), the Institute for Policy Research and Advocacy, FORUM-ASIA, the Commission for Missing Persons and Victims of Violence (KontraS), the Indonesia Legal Aid Foundation (YLBHI) and the Human Rights Working Group. (asp)

Editor’s note: An earlier version of this article misstated that the open letter was signed by the AICHR. The letter was only signed by the Indonesian representative to the AICHR.

{

Your Opinion Counts

Your thoughts matter - share your experiences, suggestions, and any issues you've encountered on The Jakarta Post. We're here to listen.

Enter at least 30 characters
0 / 30

Thank You

Thank you for sharing your thoughts. We appreciate your feedback.