Data Privacy in the Big Data Era
Indonesia, like many countries around the world, has seen an enormous increase in the number of digital service users in recent years. The growth of the internet across the country’s vast archipelago has brought millions of citizens into the digital sphere, with digital services transforming access to information and on the whole making people’s lives easier. This has been a major factor in the country’s development, but what happens if our privacy laws don’t keep pace with digital innovation?
The absence of comprehensive laws related to data protection is widely believed to have contributed to trading of personal data for commercial purposes in Indonesia [1]. Privacy is a flexible concept and a divisive topic across the world. The concept differs based on culture, norms and laws. The concept of ‘data protection’ or ‘data privacy’ is however essentially now well defined as a set of ‘data protection principles’ which includes an internationally accepted set of minimum principles plus additional principles which are evolving continually through national laws and international agreements [2].
Work to achieve the Sustainable Development Goals is now firmly in implementation phase and based on the extensive list of indicators agreed by UN Members States, new sources of data will need to be collected and analysed in order to shape action to achieve these goals by the 2030 target year and to ensure that no one is left behind. Applications of mobile network data, financial transaction data, postal flows data, and data collected from social media platforms show particular promise [3]. The public sector is increasingly recognising the role that ‘new’ digital data sources can play in providing better evidence for policy making and programme delivery, both within Indonesia and internationally [4]. It is clear that — in an increasingly interconnected world — data can and must be used for public good.
In Indonesia, the general protection upon privacy and data privacy is derived from Human Rights Rules under the Constitution [5]. Indonesia often refers to Article 28(g) of the 1945 Constitution as the basis for more specific data privacy legislation, which states: “Each person shall have the right to protection of their personal selves, families, respect, dignity and possessions under their control and shall have the right to security and protection from threat of fear for doing or not doing something which constitutes a human right.”
Given the opportunities outlined above and the increasing pressures on the Government of Indonesia, which is in the midst of rolling out a national electronic identity card programme, as well as holding an increased desire to further international trade including in digital services, it is good news that Indonesia is in the process of drafting a comprehensive data privacy law.
Across the UN Global Pulse lab network, we take data privacy very seriously. Global Pulse respects and values individuals’ privacy and protecting it is central to our work. In consultation with privacy experts, Global Pulse developed a set of Privacy Principles which guides the work we do on big data and with artificial intelligence. Global Pulse has also established a Data Privacy Advisory Group comprised of experts from the public and private sector, academia and civil society, as a forum to engage in a continuous dialogue on critical topics related to data protection and privacy with the objective of unearthing precedents, good practices, and strengthen the overall understanding of how privacy protected analysis of big data can contribute to sustainable development and humanitarian action.
Pulse Lab Jakarta has tapped into this work conducted across the lab network along with the Government of Indonesia. Global Pulse continues to ensure that as we expand this frontier of big data analytics and artificial intelligence, we do so while being responsible and respectful of the right to data privacy.
You may also be interested in reading a recent post by Indy Johar on the future of governance and regulation, which inspired us to post on the data privacy frameworks in Indonesia and how they are evolving in the big data era.
References:
[1] Greenleaf, Graham (2014), Asian Data Privacy Laws, p. 374.
[2] Greenleaf, Graham (2014), Asian Data Privacy Laws, p. 5.
[3] UN Global Pulse, Project Series, available at: http://unglobalpulse.org/blog/big-data-development-action-global-pulse-project-series; UN Global Pulse (October 2013), Mobile Phone Network Data for Development, available at: http://www.unglobalpulse.org/Mobile_Phone_Network_Data-for-Dev; The Gov Lab (September 2017), The Potential of Social Media Intelligence to Improve People’s Lives, available at: http://datacollaboratives.org/social-media.html.
[4] United Nations Secretary-General’s Independent Expert Advisory Group on the Data Revolution for Sustainable Development (November 2014), A World That Counts: Mobilising the Data Revolution for Sustainable Development, available at: http://www.undatarevolution.org/report/.
[5] Sinta Dewi (2016), Data Privacy Protection and Model Regulation in Indonesia, p. 2–4.
Pulse Lab Jakarta is grateful for the generous support of the Government of Australia.
