At a 2018 forum, the Organisation for Economic Cooperation and Development (OECD) emphasized the importance of digital governance while raising concerns about how data-driven innovation and technology risked breaching personal data and privacy. The key takeaway from the forum was how to prevent digital transformation from breaching human rights as more and more companies and governments push technological innovations without anticipating their impacts.

Cases involving personal security, information leaks, misinformation, fraud, cyberattacks and many other forms of as yet unregulated illicit activities have raised questions about whether governance can match the growth digital woes in terms of pace.

The global Ranking Digital Rights (RDR) index for 2020 reveals the predicament of this issue in evaluating digital governance at 26 global tech giants, which serve more than 4.6 billion users and have a combined market cap of nearly US$11 trillion.

The best performing global technology companies like Twitter, Ooredoo and Telefonica rated only a D (40-50 percent) in the 2020 RDR. Meanwhile, supply chain giant Amazon ranked at the bottom of 14 digital platforms for reportedly having less transparency in how it handled or secured user information and data retention policies. These findings have raised an alert for governments as to whether their policymaking process could balance the speed of the digital economy.

Based on this year’s data from the United Nations Conference on Trade and Development (UNCTAD), only 128 out of 192 countries (66 percent) regulate personal data security and privacy, while 10 percent has started drafting regulations and 19 percent has no regulations. The most recent example is China, whose government imposed a strict regulation on digital companies with clear boundaries and a hefty fine for perpetrators.

What about Indonesia?

The Indonesian government has been promoting Industry 4.0 in response to the global trend. However, it is still waiting for the House of Representatives to approve the personal data protection bill, an umbrella policy. Without the legislation, promoting digital governance will have no legal basis and key players will be unable to translate it into derivative corporate policies.

Learning from the controversial making of the Job Creation Law and the Corruption Eradication Commission (KPK) Law revision, the government should give civil society access to deliberation on the personal data protection bill. The public has the right to participate in formulating, monitoring and evaluating derivative regulations.

Why? The essence of digital governance is people-to-people governance. It is about how government regulates companies and how companies accommodate individual rights. With public participation, the government will have a more sound and effective regulation to govern the digital world.

The Information and Communications Ministry has publicly announced the preparatory phases for regulating data acquisition, protection, security and incentives schemes to spur competition amongst the key players. In light of this initiative, the following three recommendations could help the process.

First, the government must craft a comprehensive end-to-end business model that uses the right governance framework to avoid the “e-government trap” that has been familiarized through the e-government (SPBE) national program. The scope of digital governance is far wider than e-government.

Along the way, the “e” for the electronic element has come into play with e-government, e-governance and e-democracy. The operational definition of e-government as contrary to e-governance is often mixed up with shifting everything online without adjusting the overall framework of governance.

The current use of digital technology has transformed the overall definition to be more specific. Welchman (2015) defines digital governance as "a framework for establishing accountability, roles, and decision-making authority for an organization's digital presence". These are the main aspects of regulating policy, strategy and standards (rules-based).

Ilya & Syahraki (2020) offers an alternative approach to digital governance that emphasizes the use of principles (output-based) rather than rules-based governance (structural). This approach used to address end-to-end business in the digital world. Ensuring good principles of digital governance in designing the data information flow in each stakeholder’s business processes will strengthen the overall implementation of digital governance, as each sector has a unique context.

The latter approach offers clearer technical terms for digital governance. However, its scope should also cover government entities and state institutions. As examples, take a look at PeduliLindungi, the Health Ministry’s compulsory COVID-19 contact tracing app, Mobile JKN, the official app of the Health Care and Social Security Agency (BPJS Kesehatan) and many other government-developed apps. Whether the apps protect data privacy or not depends on the technical knowledge of the developer team as well as the IT vendor that designs their user interface and experience.

Next, invest in training talents in the bureaucracy on digital knowledge. We can learn from Singapore and Estonia, which started by educating public servants as policymakers and implementers. Armed with this knowledge, they can educate the public through government programs.

Second, Indonesia should introduce policy enablers by stimulating the policy environment, i.e. adopting the global RDR index at both national and local levels. The policy instrument will urge not only companies, but also government agencies to reflect and adjust their business models based on people or customer needs.

This is akin to the way a digital corporate rating system works. The government can apply the same framework to shift the mindset of policy implementers, companies and the public, especially in how to govern their apps. In involving all stakeholders, the policy instrument will shape the flow of digital governance in Indonesia.

In the end, the government needs to embrace meaningful public participation to shape Indonesia’s digital governance, since policymaking requires technical knowledge on how technology works with people’s behavior. As each of us determines our rights, every citizen should be able to take an active part in protecting and shaping digital governance.

This way, interactions and synergy among policymakers, key players and users will safeguard digital human rights and welfare that is just a click away.

***

The writer is a governance and policy specialist at the Partnership for Governance Reform (Kemitraan).