By: Sonny Zulhuda

As you would reckon, we recently witnessed how the world politics (and curious millennials) have been affected by the issue of cross-border data flow. How safe and trustworthy is our connection and data flow?

Other relevant questions will be: Should we allow people’s personal data be transferred to other country? How vulnerable is it? Should we have a law to regulate it?

On 15th July 2020, a European court decision makes it illegal for European companies to transfer personal data to the other side of Atlantic. This heavily affected businesses and transaction between Europe and the United States. So,  this would challenge the operation of many platforms who originate from the US like Facebook and Instagram

The reason? Because European judges decided it was not safe to transfer people’s personal data to the US, considering the applicability of some US laws that mandate surveillance!

So.. THE EUROPE DOES NOT TRUST THE AMERICAN?

Just a few weeks after that on 6th August 2020, President Donald Trump had issues an Executive Order making it illegal for Chinese online platforms TikTok and Wechat to operate in the US unless they sold the business to American company.

The reason? Because the US alleges that the data of Americans obtained by those hugely popular platforms would be subject to the Communist Government acquisition and espionage.

In other words; THE US GOVERNMENT DOES NOT TRUST THE CHINESE?

TikTok is now believed to work out within the given deadline to reach an agreement with…… Microsoft! 🙂

“Singkat cerita” (story cut short), so much is at stake when we talk about data flow between borders. Transferring information across country border is considered a big deal. But yet, it is still the order of the day, something we cannot do without!

For the country like Indonesia, whether it is as a recipient or source of cross-border data transfer, trustworthy system is a prerequisite.

Where to start, and to do about it? Well, I don’t really have the answer. Because I will get you with more questions when discussing this.

(I will be speaking about this on Wednesday at this precious event organised by the Indonesian Ministry of Communication and Information Technology (“Kemkominfo RI”) and the World Summit for Information Society (WSIS). The topic selected is about how to ensure a reliable, safer and trustworthy digital connection for Indonesia. This event is plausible. Kudo to Kominfo!)

Come and join me this Wednesday! (Err.. It’s OK, we still can talk on this some other day though!) 🙂

By: Sonny Zulhuda

During this global Pandemic, states, businesses and organisations collect personal information of people for the purpose of tracking and identifying the spread of the pandemic.

For this purpose in Malaysia, some tracker apps are developed and the Government makes it mandatory for business outlets to collect personal data of people.

Concerns arise on how this data collection and processing trigger the legal provisions of the Personal Data Protection law in Malaysia. Several questions are of particular concern;

Are personal data put at risks? What are those risks? Is there any rule or exception relating to the data processing pertaining to the handling of the pandemic? What will be the best practices to be complied with by data users? How are these issues of data protection affecting German society and implicating the German laws?

This discussion is brought by two speakers, one from Malaysian perspective and the other from the German experience. Myself and Prof. Michael Bohne from Dortmund University of Applied Sciences speak at this International Webinar Lecture Series on Law and Commerce. This Webinar is a collaboration between Ahmad Ibrahim Kulliyyah of Laws, International Islamic University Malaysia (IIUM), Bundeswhr University Munich and Dortmund University of Applied Sciences.

My presentation slides can be downloaded here >> DOWNLOAD SLIDES.

Oleh: Sonny Zulhuda

Saat ini Rancangan Undang-undang (RUU) Perlindungan Data Pribadi (PDP) sudah masuk ke Prioritas Legislasi Nasional (Prolegnas) 2020 dan ditargetkan untuk segera dibahas oleh Dewan Perwakilan Rakyat pada tahun 2020 ini untuk selanjutnya diundangkan.

Sampai tahun 2019 yang lalu, Profesor Graham Greenleaf dari UNSW Australia melaporkan ada 132 negara yang saat ini memiliki UU khusus terkait Perlindungan Data Pribadi. Indonesia belum masuk ke daftar itu. Disejajarkan dengan India, Indonesia adalah negara besar yang sedang menyiapkan RUU terkait.

Untuk menambah diskursus tentang Perlindungan Data Pribadi ini berikut kami sampaikan beberapa istilah kunci berdasarkan pemahaman umum literatur hukum PDP dunia, tidak khusus yang termaktub di RUU PDP Indonesia.

DATA PRIBADI

Obyek pengaturan utama dalam RUU PDP adalah “Data Pribadi”. Dalam RUU PDP terkini, Data Pribadi adalah data tentang seseorang baik yang teridentiflkasi atau dapat diidentiflkasi secara tersendiri atau dikombinasi dengan informasi lainnya, baik secara langsung maupun tidak langsung, melalui sistem elektronik dan/atau non elektronik.

Continue reading “Apa Itu Perlindungan Data Pribadi?” →

Dilaporkan oleh: Andi – Muhammadiyah.id

Perlindungan data pribadi merupakan isu penting seiring dengan perubahan cepat perangkat teknologi komunikasi dan layanan publik. Negara harus terlibat memproteksi data pribadi warga. Apalagi isu pertahanan siber warga sipil berkaitan langsung dengan penegakan hak asasi manusia (HAM).

Sonny Zulhuda, pakar hukum siber menjelaskan dalam forum Rembug Nasional yang diselenggarakan oleh Majelis Hukum dan HAM Pimpinan Pusat Muhammadiyah (MHH PP Muhammadiyah), bahwa data pribadi, layanan publik dan HAM tidak dapat dipisahkan antara satu dan lainnya.

Sonny mencontohkan pada bulan Maret 2020 lalu seorang pasien positif Covid-19 memprotes penyebaran data diri dan keluarganya yang dilakukan oleh akun-akun media sosial dan media massa. Kondisi ini menurut Sonny, memicu stress dan depresi sang pasien. “Dia dan keluarganya tidak nyaman dan merasa tertekan” ungkap Sonny.

Continue reading “Perlindungan Data Pribadi dan HAM di Era Siber” →

Oleh: Sonny Zulhuda

Ini adalah tema yang saya paparkan dalam Webinar berjudul Rembug Nasional tentang Ancaman Kebebasan Sipil dan Keadilan Sumber Daya Alam yang diadakan oleh Majelis Hukum dan HAM, Pimpinan Pusat Muhammadiyah pada 8 Juli 2020. Hadir memberikan keynote adalah Ketua PP Muhammadiyah Bapak Dr. Busyro Muqoddas, S.H, M.Hum. Dalam sambutannya, Dr. Busyro Muqoddas menyampaikan garis besar berbagai permasalahan hukum dan keadilan di Indonesia dan upaya bersama untuk mereposisi keadilan di Indonesia. “Mari kita kembalikan demokrasi Indonesia ke jalan yang benar,” demikian Dr Busyro yang merupakan Ketua PP Muhammadiyah Bidang Hukum, HAM dan Kebijakan Publik.

Acara nasional ini dimoderatori oleh Dekan Fakultas Hukum Universitas Muhammadiyah Yogyakarta Dr. Trisno Raharjo, S.H, M.Hum, yang juga adalah ketua MHH PP Muhammadiyah. Terimakasih saya sampaikan khusus kepada sahabat saya Bapak Rahmat Muhajir Nugroho, S.H, M.H sekretaris MHH PP Muhammadiyah dan Dekan Fakultas Hukum Universitas Ahmad Dahlan yang mengontak saya untuk acara ini.

Dalam kesempatan Webinar ini, saya mengetengahkan kaitan hak privasi dan perlindungan data pribadi dengan aspek kebebasan sipil. Memang keduanya memiliki keterkaitan yang sangat erat. Contoh saja, makna dan cakupan hak atas privasi itu dapat diperluas dengan berbagai aspek hak-hak sipil lainnya seperti hak untuk mempertahankan hidup, hak untuk bebas bergeak, hak beropini dan berpendapat serta hak untuk memiliki dan menguasai aset atau properti.

Continue reading “Perlindungan Data Pribadi dan Ancaman Kebebasan Sipil” →

By: Sonny Zulhuda

Today I spoke about the digital ethics (‘adab’ – Indonesian) at a Webinar held by the Muhammadiyah High School IV Depok, West Java. The audience was mostly students, with a few school teachers also participating.

I focused on few issues, prevalent among youth in the cyberspace. That includes hoax, cyber bullying, stalker harassment and social media abuses.

Above all, I emphasised on the need to keep your faith and integrity wherever, whenever you are.

Key takeaways: Q.S Al-Isra’: 36 and Q.S Al-Hujurat: 10-12.

Here is the presentation slides.

By: Sonny Zulhuda

Note: this short article was published by the New Straits Times (NST) Online on Friday, 29th May 2020 at this link.

We were reminded by Prime Minister Tan Sri Muhyiddin Yassin (NST, 16 May 2020) to ensure continued education with new methods of online and remote teaching and learning (RTL). He said this must be strengthened as e-learning is the future of education.Teachers and lecturers must develop their skills with this new normal. With necessary skills and knowledge, RTL will not be less fun and interesting. In contrary, being unfamiliar with how technology works may lead to some legal complications. Therefore in conducting RTL, educators also need to take care of those legal risks so as not to end up in a legal mess and potential liabilities.

There are three major legal risks educators and learning institutions need to anticipate in RTL, namely identification, content, and communication.

Continue reading “Three Major Legal Risks in Remote Teaching and Learning” →

By: Sonny Zulhuda

As learning institutions are now going massively online due to the Covid-19 pandemic crisis, questions arise how “secure” it is technically, operationally and legally for schools and universities to launch and execute their online and remote teaching and learning (“RTL”) activities. For many institutions who have never considered this seriously before, RTL can be a serious challenge, either conceptually or operationally, or both.

This is part of the new norm we are forced to accept, with social distancing and lockdown at various levels are now the norm rather than the exception.

Continue reading “The Operational Issues in Remote Teaching and Learning” →

By: Sonny Zulhuda

This post is about a keynote I delivered in an International Webinar organized by Faculty of Law, Universitas Muhammadiyah Surabaya. The Webinar went well, attended by a crowd of around 100 Zoomizens (yes, it was on Zoom application).

Even though the theme of this international web seminar was the implications of Covid-19 pandemic crisis over cyber security, other speakers did speak about a wide array of legal topics including the implication on employment law, emergency law, criminal law as well as public international law.

In my presentation, I first highlighted the development of the pandemic in Malaysia including the legal basis of Movement Control Order (MCO) in Malaysia. Next, I observed and assessed the ensuing implications including Policy Implications; Social Implication; and Cyber Security Implication

The social implication includes the following:

• Lesser people on the road and the flocking of people in the cyberspace makes it more attractive hunting ground for cybercriminals.
• More online shopping and online selling, so a better chance to hide their illegitimate and fraudulent transactions by picking popular items such as face masks, sanitizers, vaccines, etc.
• More activities on social media makes it a perfect platform for launching phishing attacks.
• Making use of emotions and curiosity on what is going on, easy to entice attention: e.g. infection data, patients’ personalities, donation drive.

The policy concerns that emerge are: Continue reading “Impact of Covid-19 Pandemic Crisis on Cyber Security” →

By: Sonny Zulhuda

Zoom-bombing adalah istilah populer bagi kegiatan sabotase yang dilakukan terhadap aplikasi meeting online yang akhir-akhir ini sedang naik daun yaitu Zoom. Contoh sabotase itu adalah penyusupan seseorang yang ingin membuat onar dan mengganggu jalannya pertemuan.

Dalam beberapa insiden terkini, masalah zoom-bombing bukan pada kelemahan teknis seperti bugs, design dll. Tapi lebih pada penyelenggaraan (governance).

Ibarat mobil dicuri, lebih disebabkan karena mobilnya yang tidak dikunci, atau tidak sempurna nguncinya, atau dikunci tapi duplikatnya ditaruh diluar mobil.

Maka sekadar penekanan untuk kita semua yg mau bikin Zoom meeting, ada bbrp langkah pengamanan a.l:

1. Untuk host, harap mengaktifkan *waiting room* agar bisa dipastikan bahwa yg masuk itu terverifikasi.

Continue reading “Lagi tentang Zoom-Bombing” →