Pertemuan Proteksi Data Pribadi

5/19/13
Indonesia Facts
Data Privacy Protec-ng
Indonesia Proles
Sources: cnn.com
Indonesia is the
world's largest
archipelago with
over 17,000
islands and
stretches across
3,500 miles
Mobile Phone Subscribers
Indonesia Economics (rst quarter 2012)

Economic growth: 6,3 %
Gross DomesDc Product
(GDP): US$ 825 Million
GDP - composiDon by sector:
agriculture (14.9%), industry
(46%), services (39.1%)
Member of G20
859 million
752 million
Indonesia has
Indonesia ICT Numbers and

Facts
the
279 million
Jakarta night view
238 million
million mobile
phone subscribers, or
th largest in the world.
220 million
69,7 million
Indonesia regained its investment grade rating

from Fitch Rating in late 2011, and from Moody's
Rating in early 2012
China
USA
India
Russia
Indonesia
Thailand
34,5 million
Malaysia
7,3millions
Singapore
sources: cia.gov, last updated 7 Feb 2012

4
5/19/13
Facts
Social Media: Facebook Users
Indonesia has 43,1

million
users
or the 3th largest in
the worlds.
USA
India
Indonesia
Thailand
Malaysia
Singapura
Sources: socialbakers.com, last updated 7 Feb 2012
Indonesia ICT Spending
Online Behavior: Teens and Technology

60% have a computer/laptop
97% play computer games
93% use the Internet
30% write blogs
70% use Social Networking Sites
40% have video cameras (& 25% upload/75%
download)
75% have a cell phone
Pew Internet and American Life Project, 2009
ICT Spending
(Millions of U.S. Dollars)
30,000.0
22.583,3
25,000.0
24.769,8
26.224,0
19.742,8
CommunicaDons
20,000.0
Computer Hardware
15,000.0
Computer So[ware
Computer Services
10,000.0
5,000.0
0.0
2008
2009
2010
2011*
Sources: WorldBank
* Prediction
NaMonal ICT Council Mandate

(PresidenMal Decree No. 20 2006)
ICT Investment: Central Goverment Agencies
To formulate strategic direcDon of naDonal

development through ICT empowerment
ICT expenditure in
government agencies
increasing 18,24 % in
2009-2010.
2009
Indonesia NaMonal ICT

Council (DETIKNAS)
To study and solve strategic problems in order

to develop ICT
To coordinate naDonally all stakeholders in
the development of ICT
To approve the implementaDons of cross-
department ICT so that eecDve and ecient
2010
10
12
5/19/13
of
tw
ar
t
men
e-B
NI
cure
e-Pro
Advisors
ICT experts from 4 UniversiDes
Other ICT experts with naDonal and
internaDonal reputaDons and
experiences
Kemkopolhukam
National Cyber Security

Kemkominfo
Working Groups
r
ultu
gric
Secretariat
Comprehensive View of ICT in Indonesia
e-A
ExecuMve CommiSee

Chair
: Minister for CommunicaDon and IT
Vice Chair
: Zainal A. Hasibuan
Secretary : DG ICT InformaDcs ApplicaDon
Vice Secretary : Deputy Secretary Cabinet of Law
Member
: Gatot Sudariyono, Sardjoeni
Moedjiono, Rudi Lumanto, Adiseno, SeDadi Yazid, Herry
Pansila, Arief Mustain, Yan Rianto, Sekjen, DG PPI, DG
SDPPI, Head of BPPSDM, MCIT Expert Sta Technology
Sector, MCIT Expert Sta PoliDc and Security Sector

e-Cultural
Heritage
NS
Steering CommiSee
Chair
: President
Vice Chair
: Minister for Coord.
Economic
ExecuDve Chair: Minister for CommunicaDon
and IT
Member : Minister for Finance
Minister for Industry
Minister for Trade
Minister for NaDonal EducaDon & Culture
Minister for Home Aairs
Minister for Research and Technology
Minister for Law and Human Rights
Minister for Public Services Reform
Minister for NaDonal Planning
Secretary of Cabinet
Zainal A. Hasibuan
10 DETIKNAS Strategic Program to Answer NaMonal

Problems
Using ICT Strategic
Program for
promoDng industry,
eICT human
n
He Cul
tio
a
rit tur
ag al
uc
resources, and using
e
Ed
e
ICT as an enabler of
e-Health
Palapa Ring
Le
ga
economic growth
lS
udg
etin
g
OrganizaMon Structures
e-
Health
e-
Agriculture
e-
BudgeDng
e-
EducaDon
Kempertanian
e-
Procurement
Kemkeu
Kemdikbud
Legal
Government Integra
ted D
Kemkes
Government Inte
Kemkominfo Palapa Ring
ata Center (GIDC)
Kemkominfo
rnet Exchange (GIX
Portal Open e-Government

Indonesia
Kemperind
Kemkominfo
ICT Human
Resources
Kemkominfo
Partners
MASTEL; FTII & ICT AssociaDons;
UniversiDes; Chamber of Commerce;
Technology Owner
13
G2B
G2C
G2E
G2G
15
Policies and RegulaMons: ICT Security
Technical and Procedural
Telecommunication Act No 36/1999

Information Transaction Electronic Act No. 11/2008
Implementation Of Telecommunications Government Regulation No. 52/2000
An Overview of Cyber
Security in Indonesia
e-
KTP
Kemkoekuin
Kemdagri
So[ware
Kemdikbud
ICT
Industry
NSW
LKPP
Organizational structure of information security Ministerial Regulation PM 17/

PER/M.KOMINFO
National Act:2
Government Regulation:1
Ministerial Regulation:2
Ministerial Decree:2
Ministerial Letter:3
IP-based network security Ministerial Regulation No. 16/PER/M.KOMINFO/

10/2010
CA Supervisory Board ad hoc team Ministerial Decree No. 197/KEP/
M.KOMINFO/05/2010
Information security coordination team Ministerial Decree No. 33/KEP/
M.KOMINFO/04/2010
Web server security Ministry Letter
Wifi Security Ministry Letter

Guidelines for the use of ISO 27001 Ministry Letter
17
Indonesia Na-onal Standard (SNI ISO/IEC 27001:2009: Informa-on

Security Management System): NaDonal StandardizaDon Agency (BSN)
has established an idenDcal adopDon of ISO 27001 become SNI ISO/IEC
27001, This standard covers all types of organizaDons such as commercial
enterprises, government, & nonprot organizaMon. This standard
species requirements for establishing, implemenMng, operaMng,
monitoring, assessment, improving & maintenance of InformaMon
Security.
Health and Safe Internet Program: This program contains educaDonal and
public awareness about the importance of informaDon security. It is
hoped that through this program, community in ICT sector parDcipate in
maintaining security in cyberspace.
Trust+: Trust Posi-ve (Trust+) is negaDve content ltering technology
based which is developed by models and the workings of this system is to
perform ltering of the top level domain, URL and Content, Keyword,
Expression. ImplementaDon Trust+ is performed in MCIT, telcooperators
and ISPs.
18
5/19/13
Security: OrganizaMonal Structures

Goverment
Agencies
Security: OrganizaMonal Structures
MCIT
Infromation Security
Coordination Team
InformaMon Security
CoordinaMon Team
Directorate General of
Applications Informatics
Directorate General of Postal

Devices and Informatics
Directorate of Information
Security
Indonesia Security Incident

Response Team on Internet
Infrastructure (ID-SIRTII)
Legal
Basis
ID-CERT
ID-ACAD-CSIRT
Structural
Adhoc
Indonesia Security Incident Response Team on

Internet Infrastructure
Decree of the Minister of RegulaDon of the

RegulaDon of the Minister of MCIT Number: 26/
MCIT Number: 133/KEP/ Minister of MCIT
PER/M.KOMINFO/5/2007
M/KOMINFO/04/2010
Number:17/PER/
M.KOMINFO/10/2010
Tasks and To coordinate, develop

FuncDons policy, develop technical
guidelines, conducDng
awareness campaigns,
and conduct monitoring
and submit reports on
the implementaDon of
informaDon security in
Indonesia.
Community
Directorate of
InformaMon Security
To formulate and
implement policies,
preparaDon of norms,
standards,
procedures and
criteria, providing
technical guidance
and evaluaDon in the
eld of informaDon
security.
Internet trac monitoring for incident handling

purposes;Managing log les to support law
enforcement;EducaDng public for security
awareness;AssisDng insDtuDons in managing
security;Providing training to consDtuency and
stakeholders;Running laboratory for simulaDon
pracDces;Establishing external and internaDonal
collaboraDons.
19
Cyber Space in work and daily life
Daily Life
Online shopping
Mobile
CommunicaDon
Social Media
Etc.
Cyber Security Threats
20
Threats in Cyber Space
Security Context and MoMvaMon
In Work
E-Business
E-Commerce
E-Government
G2C, G2B,B2G,
G2E
Etc.
Computer Virus
Worm
.....
Hacking
Logical/
Cyber
Apack
The current threat for every country is not only come from physical
threat, but also from cyber threat, because the cyber threat potentially
destroying the economy and destabilize the country's security.
To anticipate the threats that come from cyberspace, the government
needs to develop a defense and security system and strategy.
The National cyber security system and strategy consist of five aspects:
Legal, technical and procedural, Organizational Structures, Capacity
Building and International Cooperation (ITU).
Information Technology
Theft
22
Cuts
.....
Bomb
Physical
Apack
23
5/19/13
Integrated InformaMon Security Framework
InformaMon Security Basic FoundaMon
Availability
Direct
control
Confidentiality
Security OperaMonal Level
Execute
25
InformaMon Security Approach
Confidentiality
Integrity
Availability
Security Managerial Level
Asset
control
InternaMonal CooperaMon
Security Strategic Level

Direct
Capacity Building
Integrity
OrganizaMon Structures
Administrative Approach
Main Consideration
Confidentiality
Integrity
Availability
Legal
Extremely rely on information technology

Unacceptable loss (Tangible and
Intangible)
The existence of various threats
Technical and Procedural
Why We Need InformaMon Security?
Technology Approach
27
26
InformaMon Security: AdministraMve Approach
InformaMon Security: Technology Approach- Defense

in Depth
Data
ApplicaDon
Level/Document
Strategic
AdministraDve
Approach
InformaDon
Security
Technology
Approach
TacDcal
OperaDonal
Policy
Standard
Procedure
Host
V
V
Internal Network
V
External Network
5/19/13
InformaMon Security: AdminstraMve and Technology

Approach (Defense in Depth)
Pertukaran Informasi
DMZ
VPN
Firewalls
Logging
Proxy
IDS
AudiDng
Logging
IPS
AuthenDcaDon
PenetraDon
TesDng
Stateful Packet
InspecDon
Logging
AnDvirus
AudiDng
IDS
Vulnerability
Analysis
AudiDng
PenetraDon
TesDng
IPS
Vulnerability
Analysis
Password
Hashing
PenetraDon
TesDng
Vulnerability
Analysis
SSO
Content Filtering
Logging
AudiDng
PenetraDon
TesDng
Data ValidaDon
AudiDng
PenetraDon
TesDng
Vulnerability
Analysis
Esensi Pertukaran Informasi
EncrypDon
Access Controls
Backup
PenetraDon
TesDng
Vulnerability
Analysis
Vulnerability
Analysis
External
Network
Network
Perimeter
Internal
Network
Host
ApplicaMon
Informasi Elektronik
Bukti Elektronik
Bukti elektronik menjelaskan adanya informasi
elektronik yang dipertukarkan dalam transaksi
elektronik
Transaksi Elektronik
Transaksi tidak sekedar pertukaran yang dapat dilihat
secara fisik sebagaimana terjadi dalam pengertian
konvensional, seperti jual dan beli, namun diperluas
mencakup pertukaran informasi elektronik melalui
media elektronik (Internet).
Data
33
Informasi Elektronik & / Dokumen Elektronik & / hasil

cetaknya merupakan alat bukti hukum yang sah, dan
merupakan perluasan dari alat bukti yang diatur dalam
Hukum Acara yang berlaku di Indonesia.
Informasi elektronik dapat berupa catatan elektronik,
dokumen elektronik, kontrak elektronik, surat
elektronik, atau tanda tangan elektronik.
Informasi Elektronik & Dokumen Elektronik dinyatakan
sah bila mengguna-an Sistem Elektronik sesuai
ketentuan dalam UU ITE
34
Ketentuan mengenai Informasi Elektronik & Dokumen

Elektronik tidak berlaku untuk :
Surat yang menurut UU harus dibuat dalam bentuk
tertulis, diantaranya yaitu surat berharga, surat yang
berharga, dan surat yang digunakan dalam proses
penegakan hukum acara perdata, pidana, dan
administrasi negara.
Surat beserta dokumennya yang menurut UU harus
dibuat dalam bentuk akta notaril atau akta yang
dibuat oleh pejabat pembuat akta
35
Selain pengecualian sebelumnya yang

mensyaratkan
suatu
informasi elektronik harus berbentuk tertulis atau asli, Informasi
Elektronik &/ Dokumen Elektronik dianggap sah bila informasi
yang tercantum didalamnya memenuhi ketentuan UU sbb :
1. Dapat terjamin keutuhannya dan dapat dipertanggung-jawabkan
Pesan yang dimaksud dalam informasi elektronik tersebut tidak berubah
isinya dalam proses penyimpanan, pengiriman, penerimaan dan
tampilannya.
2. Dapat diakses
Informasi elekronik tersebut dapat ditelusuri keberadaannya.
3. Dapat ditampilkan sehingga menerangkan suatu keadaan
Informasi elektronik tersebut memiliki makna tertentu atau menjelaskan isi
atau substansi yang dimaksud oleh penggunanya.
36
5/19/13
Tanda Tangan Elektronik
Tanda Tangan Elektronik
Tanda tangan elektronik memiliki kekuatan hukum

dan akibat hukum yang sah selama memenuhi
ketentuan dalam undang-undang ini.
Penyelenggaraan SerMkasi Elektronik
Teknik, metode, sarana, atau proses pembuatan

tanda tangan elektronik memiliki kedudukan hukum
yang sah selama memenuhi persyaratan yang
ditetapkan dalam undang-undang ini.
Undang-undang memberikan pengakuan secara tegas

bahwa tanda tangan elektronik meskipun hanya
merupakan suatu kode akan tetapi memiliki kedudukan
yang sama dan sejajar dengan tanda tangan manual pada
umumnya yang memiliki kekuatan hukum dan akibat
hukum
Tanda tangan elektronik yang dimaksud dalam pasal ini

termasuk penggunaan infrastruktur kunci publik,
biometrik, kriptogra simetrik, dan sebagainya.
37
a. Penyelenggara Sertifikasi Elektronik Indonesia,

berbadan hukum Indonesia, berdomisili di Indonesia
b. Penyelenggara Sertifikasi Elektronik asing. Jika
beroperasi di Indonesia harus terdaftar di Indonesia.
38
Penyelenggara Sertifikasi Elektronik harus

menyediakan informasi yang akurat, jelas, dan
pasti kepada setiap pengguna jasa, minimum
meliputi :
a. metode yang digunakan untuk mengidentifikasi
Penanda Tangan;
b. hal yang dapat digunakan untuk mengetahui data
diri pembuat Tanda Tangan Elektronik; dan
c. hal yang dapat digunakan untuk menunjukkan
keberlakuan dan keamanan Tanda Tangan
Elektronik.
40
Setiap Orang berhak menggunakan jasa Penyelenggara

Sertifikasi Elektronik untuk pembuatan Tanda Tangan
Elektronik.
Penyelenggara Sertifikasi Elektronik harus memastikan
keterkaitan suatu Tanda Tangan Elektronik dengan
pemiliknya.
Penyelenggara Sertifikasi Elektronik terdiri atas :
Persyaratan Minumun Sistem Elektronik
Informasi dan transaksi elektronik diselenggarakan oleh

sistem elektronik yang terpercaya, yakni :
1. Andal artinya sistem elektronik tersebut memiliki kemampuan
yang sesuai dengan kebutuhan penggunaannya.
2. Aman artinya sistem elektronik tersebut terlindungi baik secara
fisik mapun non fisik.
3. Beroperasi sebagaimana mestinya artinya sistem elektronik
tersebut memiliki kemampuan sesuai spesifikasinya.
Penyelenggara sistem elektronik bertanggung jawab terhadap
penyelenggaraan sistem elektronik yang diselenggarakannya.
Yang dimaksud dengan bertanggung-jawab artinya ada subyek
hukum yang bertanggung-jawab terhadap penyelenggaraan sistem
elektronik tersebut.
39
41
a. Dapat menampilkan kembali Informasi Elektronik & / Dokumen

Elektronik secara utuh sesuai dengan masa retensi yang ditetapkan
dengan Peraturan Perundang-undangan;
b. Dapat melindungi ketersediaan, keutuhan, keotentikan, kerahasiaan, dan keteraksesan Informasi Elektronik dalam Penyelenggaraan
Sistem Elektronik tersebut;
c. Dapat beroperasi sesuai dengan prosedur atau petunjuk dalam
Penyelenggaraan Sistem Elektronik tersebut;
d. Dilengkapi dengan prosedur atau petunjuk yang diumumkan dengan
bahasa, informasi, atau simbol yang dapat dipahami oleh pihak ybs
dengan Penyelenggaraan Sistem Elektronik tersebut;
e. Memiliki mekanisme yang berkelanjutan untuk menjaga kebaruan,
kejelasan, dan kebertanggung-jawaban prosedur atau petunjuk
42
5/19/13
Kesimpulan
Penutup
UU Informasi dan Transaksi Elektronik (ITE)

melindungi keamanan data pribadi yang bersifat
elektronik dari pengaksesan (Pasal 30) maupun
penggunaan data tanpa izin (Pasal 26).
Mekanisme pertukaran data pribadi yang bersifat
rahasia hendaknya menggunakan tanda tangan
elektronik dan serDkat elektronik.
Perlunya sosialisasi mengenai kesadaran
perlindungan data pribadi.
Sumber
INDONESIA NATIONAL ICT COUNCIL

www.deMknas.org
pmo.deMknas@kominfo.go.id

2012
44

Pertemuan Proteksi Data Pribadi

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Pertemuan Proteksi Data Pribadi

Uploaded by

Copyright:

Available Formats

5/19/13

Data Privacy Protec-ng

Mobile Phone Subscribers

Indonesia Economics (rst quarter 2012)

Indonesia ICT Numbers and

Indonesia regained its investment grade rating

sources: cia.gov, last updated 7 Feb 2012

Social Media: Facebook Users

Indonesia has 43,1

Sources: socialbakers.com, last updated 7 Feb 2012

Indonesia ICT Spending

Online Behavior: Teens and Technology

NaMonal ICT Council Mandate

ICT Investment: Central Goverment Agencies

To formulate strategic direcDon of naDonal

Indonesia NaMonal ICT

To study and solve strategic problems in order

National Cyber Security

Comprehensive View of ICT in Indonesia

10 DETIKNAS Strategic Program to Answer NaMonal

Kemkominfo Palapa Ring

ata Center (GIDC)

rnet Exchange (GIX

Portal Open e-Government

Policies and RegulaMons: ICT Security

Technical and Procedural

Telecommunication Act No 36/1999

Organizational structure of information security Ministerial Regulation PM 17/

IP-based network security Ministerial Regulation No. 16/PER/M.KOMINFO/

Wifi Security Ministry Letter

Indonesia Na-onal Standard (SNI ISO/IEC 27001:2009: Informa-on

Security: OrganizaMonal Structures

Security: OrganizaMonal Structures

Directorate General of Postal

Indonesia Security Incident

Indonesia Security Incident Response Team on

Decree of the Minister of RegulaDon of the

Tasks and To coordinate, develop

Internet trac monitoring for incident handling

Cyber Space in work and daily life

Cyber Security Threats

Threats in Cyber Space

Security Context and MoMvaMon

Integrated InformaMon Security Framework

InformaMon Security Basic FoundaMon

Security OperaMonal Level

InformaMon Security Approach

Security Managerial Level

Security Strategic Level

Extremely rely on information technology

Technical and Procedural

Why We Need InformaMon Security?

InformaMon Security: AdministraMve Approach

InformaMon Security: Technology Approach- Defense

InformaMon Security: AdminstraMve and Technology

Esensi Pertukaran Informasi

Informasi Elektronik & / Dokumen Elektronik & / hasil

Ketentuan mengenai Informasi Elektronik & Dokumen

Selain pengecualian sebelumnya yang

Tanda Tangan Elektronik

Tanda Tangan Elektronik

Tanda tangan elektronik memiliki kekuatan hukum

Penyelenggaraan SerMkasi Elektronik

Teknik, metode, sarana, atau proses pembuatan