The Blue Oceans for the Data Protection Officers (DPO)

By: Sonny Zulhuda

I recently concluded my talk at this event called Data Protection Excellence Network Forum 2019 upon invitation by Singapore Management University (SMU) and Straits Interactive on Tuesday this week (11/6/2019).

Featured together in the opening panel session with me were Commissioner Raymund Enriquez Liboro (Chairman of the Philippines National Privacy Commission), Dr Yudhistira Nugraha (Ministry of Communications and Informatics of Indonesia) and Kevin Shepherdson (Straits Interactive Singapore) discussing the trends and challenges of data protection law in the region and the new market demands for Data Protection Officers (DPO). The event with over hundred attendees were officiated by Dr Lim Lai Cheng who is the Executive Director of the SMU Academy.

Each of us spoke about the regional development of the data protection laws in Malaysia, Philippines, Indonesia and Singapore respectively.

Malaysia had first enacted the law in 2010. Both the Philippines and Singapore followed the suit in 2012. Indonesia is currently preparing a draft bill and is expected to legislate by next year (2020). In term of enforcement, Singapore has recorded dozens of imposition of fines and notices against contravention of their personal data protection law. Meanwhile, the Philippines may only expect enforcement to begin next year in 2020.

In Malaysia, efforts to implement the law come in a combination of prosecution, inspection, establishment of codes of practices as well as public education.

There are in Malaysia at least five successful prosecutions of data users who contravened the PDPA 2010. Besides, it was noted that six sectoral data fora had registered their Codes of Practices (COP) including the banking and insurance sectors, electricity, telecommunications, aviation, and legal services.

In 2018 alone, the office of PDP Commissioner has carried out at least 57 inspections on data users nationwide. Empowered under section 101 of the PDPA 2010, such inspection is meant to promote the compliance of the law while trying to correct and improve the practices by data users in term of processing personal data.

Screenshot_2019-06-14-08-48-17-927_com.microsoft.office.powerpoint

There is one interesting finding from the talk session. Each of the four countries commonly view that it is necessary legally for the data users to appoint a Data Protection Officer, a specifically designated high-level official to oversee the increasing challenges of data governance. Singapore and the Philippines have this in their laws. Indonesian draft bill includes this. And Malaysian government looks out to consider this matter in their ongoing review of the law.

This DPO is a blend of new skill. Straits Interactive noted that each lawyers and IT professionals make up to about 30% of the DPOs. Others come from business managers, HR, accountants, marketing as well as others. Therefore there is now an emerging need to somehow standardise the skill, hence the need for certifications. The good news is, this skill is acquirable.

In that Forum crowded by more than hundred of data users and data protection professionals from Singapore and the region, the demand for this market could not be overstated. It is simply obvious and there to grab.

So the ultimate message we had for all the lawyers, IT professionals and virtually everyone.. Is that there is a blue ocean in front of us now for the highly demanded data protection professionals. Let us swim there!

Advertisements

From Brussels: The Islamic Legal Conceptions of Privacy

By: Sonny Zulhuda

IMG_20190130_094243Last week (1st February 2019) I concluded the International Conference on Privacy and Data Protection (CPDP2019) in the heart of Europe, City of Brussels. It is organised by a consortium of primary European universities, supported by global companies, and endorsed by the European Union institutions.

It’s the 12th edition of this annual global event on privacy & data protection. 3 days of fascinating and thought-provoking talks, speeches and discussions. Thank you @CPDPconferences for inviting me as a speaker on privacy in Islam.

Thanks to @darahallinan who initiated this panel for the first time. Entitled “Islamic Legal Conceptions of Privacy.” The idea is to understand how privacy is actually a universal value adopted by wide and global communities and traditions.

Being the first speaker, I first introduced that for every Muslim, Islam is the way of life and provides a comprehensive guidelines for both private and public interactions.

Then I spoke mainly on the evidences from the Quran (as the primary source of Islamic law) which provide basis of privacy right and how to implement it in life, starting from early childhood: they should ask parent’s permission before entering their private rooms at three specific times in a day.

I highlighted how important it is to respect others’ dignity by not transgressing their rights, not spying on them, not backbiting, not ridiculing them, and not calling them by undesired labelling/tagging.

Muslims are told to get mutual consent when affecting others’ rights, to record agreements, to enter their houses upon prior consent, and to leave if asked to. Not less importantly a command to investigate information received (verification and authentication).

Those are exactly the rights pertinent to privacy and data protection nowadays.

At the end, I noted that 1. Islam calls for peace, justice and harmony; 2. Privacy is one of important rights to be preserved; and 3. At all time, Muslims will be accountable to God, Society and oneself.

And not forgetting I also shared some updates on the privacy laws and Personal Data Protection laws in both Indonesia and Malaysia. Some good news here and there.

Thank You Chair, moderator and fellow panelists Prof Andrew Adams (Japan), Prof Elizabeth Coombs (Malta), Nighat Dad (Pakistan), Lahoussine Aniss (Marocco), and Patrick Penninckx (EU) for making it a beautiful panel. Looking forward to connecting further. Thank you @CPDPconferences.

#PrivacyinIslam #CPDP2019 #Brussels #Malaysia #Indonesia #PDPA

Menyoal Tren “10 Years Challenge”

By: Sonny Zulhuda

jpdp

Akhir-akhir ini pengguna media sosial pasti sudah banyak melihat foto-foto transformasi wajah yang dilabel hashtag #10yearschallenge. Tidak kurang, politisi dunia hingga artis dan selebriti pun berpartisipasi dalam trend yang satu ini. Aktivitas ini dimanfaatkan oleh masyarakat media sosial sebagai bahan hiburan dan obrolan yang menarik dan tidak jarang menggelitik.

Namun, mungkin banyak yang sadar bahwa foto-foto yang disebar itu akan memudahkan pihak media sosial atau pihak ketiga untuk melakukan beberapa pekerjaan mereka seperti:

1. Penyempurnaan database wajah individu berikut kronologi tahun dan usia.
2. Penelitian pola transformasi wajah manusia berdasarkan usia, periode, dan demografi lainnya seperti ras, gender, lingkungan, dan lainnya.
3. Pemrograman pada teknologi artificial ingelligence dalam melakukan rekaan wajah secara lebih akurat.
4. Identifikasi dan penyamaran.

Apalagi, dengan label yang sangat indikatif seperti #10yearschallenge akan semakin memudahkan penyaringan dan interpretasi data sehingga memberikan jalan pintas untuk pencarian data itu sendiri. Label hashtag itu sama dengan fungsi metadata. Semakin banyak hashtag, maka akan semakin mudah pencarian data tersebut di domain publik.

Continue reading

Intellectual Property Rights and Open Data in the Digital Environment

By: Sonny Zulhuda

postermaker-1541067967396

A close forum named Focus Group Discussion (FGD) on IPR and Open Data in the Digital Environment was recently held on 9th November 2018 at Al-Nawawi Conference Room, Ahmad Ibrahim Kuliyyah of Law, International Islamic University Malaysia (IIUM). The event was involving two universities from two countries which are the International Islamic University Malaysia (IIUM) and Universitas Padjadjaran (UNPAD), Indonesia.

In his welcoming remarks, the Dean of Ahmad Ibrahim Kuliyyah of Laws, Prof. Dato’ Sri Dr. Ashgar Ali Ali Mohamed extended his gratitude and warm welcome to the delegations from UNPAD. He believed that this two-way discussion should be conducted more regularly in promoting the intellectual discourse between two countries. In a reciprocal gesture, Prof Dr H Ahmad M. Ramli from the Faculty of Law, UNPAD in his keynote address appreciated the initiative by IIUM in conducting this group discussion.

This FGD was part of the research work under the Fundamental Research Grant Scheme, funded by the Ministry of Education, Malaysia. The group discussion was divided into 4 sessions, involving 11 speakers altogether; 7 from UNPAD and 4 from IIUM. Here are some excerpts:

Session 1: IPR Between Tradition and Innovation Continue reading

“Right to be Forgotten” in Indonesian Data Protection Law (A Focus Group Discussion with BINUS University)

By: Sonny Zulhuda

This report is based on what has been written on BINUS Website in the original Indonesian version. The Focus Group Discussion took place on 11th August 2018 in Kuala Lumpur. The participants were Prof. Dr. Shidarta, Prof. Dr. Bambang Pratama, and Reinhard Christian Surya from BINUS Law School, Jakarta and myself. The main topic was on the the right to be forgotten.

I reckoned in that meeting that the regulation on right to be forgotten as introduced in the latest 2016 amendment to the Indonesian e-transactions laws (namely UU ITE in Indonesian) was a drastic development bearing in mind that there is still no comprehensive legislation in Indonesia dealing with the protection of personal data which is now increasingly becoming a new global norm. In my view, Indonesia should first settle with the currently ongoing debate on the draft bill of the Personal Data Protection law.

Right to be forgotten is indeed a sub-set of many rights relating to personal data processing of an individuals. In many laws, this right to be forgotten is interchangeably discussed with the right to data deletion.

fgd binus 2018

In Malaysia this right is impliedly given because it mandates every data user (those who process personal data of individuals) to ensure data are deleted when they are no longer necessarily required. Similar provisions can be found in the laws of other countries such as UK, Hong Kong and Singapore. In Indonesia, there is still no law (Undang-undang) which defines and lays down similar requirements.

In its Indonesian report, the Website continues to note: Continue reading

Privasi dan Integritas Teknologi

Dr Sonny Zulhuda

This article, in Indonesian, was published in the national daily REPUBLIKA, on 3rd April 2018. This piece highlights the ultimate need to have a privacy-embedded technologies. Respecting privacy is a prerequisite to maintain the integrity in the use of technology. As I concluded, the connectivity that we currently enjoy shall not eliminate the identity and integrity that shape who we are, as individuals and nation.

================

boss-spying-on-youBerbagai isu kebocoran data pribadi seperti yang baru-baru ini berlaku pada data registrasi nomor telpon seluler di Indonesia, dan juga pada data pengguna Facebook di Amerika Serikat (AS), membawa kita kepada pertanyaan yang lebih fundamental, yaitu hak privasi terhadap data. Apakah hak privasi itu sendiri?

Jarang didefinisikan, namun sering diperdebatkan. Misalnya, dalam menyikapi isu penyadapan komunikasi oleh penegak hukum di Indonesia, masyarakat kita berpolemik sejauh mana penyadapan bisa dilakukan, mengingat efeknya yang mengoyak kebebasan dalam berkomunikasi. UUD 1945 menjamin hak kita untuk berkomunikasi dan menyampaikan pemikiran atau pendapat. Jika komunikasi kita disadap, maka hak kita sudah disunat. Dalam konteks inilah Dewan Keamanan Nasional AS dikritik tajam ketika mantan pekerjanya Edward Snowden mengungkap praktik Badan itu dalam mengawasi komunikasi dan data pribadi pengguna Internet AS dan global.

Di Malaysia, pengadilan memvonis salah perbuatan memasang kamera CCTV di pekarangan rumah sendiri namun mengarahkannya ke halaman rumah orang lain karena mengganggu privasi tetangganya. Di Afganistan, orang dilarang memanjat genteng rumahnya sendiri sebelum memberitahukan tetangganya agar si jiran tidak terlihat dalam kondisi yang memalukan. Di Korea, kamera telpon seluler harus disetting dengan suara yang cukup nyaring sehingga orang tahu jika ia difoto di kawasan publik. Semua contoh diatas muaranya sama, yaitu melindungi privasi orang.

Kita tidak ingin teknologi modern yang nisbi menggerus sisi kemanusiaan yang universal dan hakiki. Teknologi informasi kita di negeri ini tidak boleh bebas nilai, dan tidak boleh pula miskin nilai. Koneksitas dan mobilitas yang semakin baik merupakan anugerah yang harus kita syukuri. Namun perlu diingat, koneksitas tidak dapat menghapus identitas, dan mobilitas tidak bisa meminggirkan integritas. Majulah TI di Indonesia.

Berasal dari bahasa Inggris, “privacy” berarti hak untuk bersendirian dan untuk tidak diawasi oleh orang lain. Padanannya dalam bahasa Arab adalah “huquq fardiyyah” (hak-hak pribadi) atau “huquq al-hurmah” (dignity atau maruah).

Dalam dialektika Alquran, Continue reading

Apapun Disiplin Ilmumu, Pelajarilah Ekonomi Digital!

APAPUN DISIPLIN ILMUMU, PELAJARILAH EKONOMI DIGITAL!

Oleh: Sonny Zulhuda

APAC Cyber Summit 2016_1

1. Indonesia dan Malaysia melalui pemimpinnya masing-masing telah menetapkan bahwa Ekonomi Digital menjadi fokus utama dalam membangun negara dan meningkatkan ekonomi bangsa. Tidak hanya jalur lebar Internet yang diperhebat, namun penguasaan konten lokal dan industri kreatif kini menjadi generator baru bagi kemajuan bangsa.

2. Pengalaman saya selama 15 tahun sebagai peneliti, akademisi dan praktisi hukum teknologi informasi, melihat semakin perlunya kita untuk memparalelkan segala ilmu, pengetahuan dan teori yang kita pelajari dengan perkembangan dunia digital. Ekonomi digital yang didominasi dengan penguasaan teknologi informasi dan optimalisasi data mengharuskan kita menjawab berbagai tantangan digital.

3. Saya saksikan sendiri di berbagai universitas top di dunia seperti Oxford, Sydney, UNSW, Tsinghua, Toronto dan Yonsei University mereka sudah mendirikan lembaga kajian yang fokus terhadap isu konvergensi teknologi informasi dalam berbagai aspeknya. Universitas Indonesia dan UNPAD saya pikir sudah memulai lebih awal dalam konteks Indonesia. Yang lainnya, belum kelihatan! Sementara, semakin banyak pula lembaga internasional yang menyediakan program, beasiswa, fellowship dan event-event yang bertujuan mencari bakat-bakat muda dalam kajian konvergensi informasi ini.  Continue reading

  • September 2019
    M T W T F S S
    « Aug    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    30  
  • Visitor

    free counters

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,630 other followers