IV. Privacy issues
All Indonesian citizens who have fulfilled certain requirements must have several important documents to prove their citizenship.
One of these is the Indonesian electronic identity card program (e-id). As the basis for the implementation of this program the Government enacted several regulations such as the Law on Population Administration.1 The goals of the E-ID program is build an accurate national population database and the E-ID program will claims to use a 'Privacy Enhancing Technology' (PET) that contains microcontroller chip which stores biodata, signature, photo, and right and left index fingerprint.2
The E-ID programme currently employs biometric data; in the future, the ID will be integrated with many other government agencies such as health, police, intelligence agencies, the Commission for Eradication of Corruption, and the General Election Commission, expanding the scope for increase biometric monitoring. In March 2012, Indonesia's National Police launched a new project named Inafis Card (automatic fingerprints identification system). This card would integrated the nation's fingerprint bank with photo identifications, bank account numbers and other data, to assist in solving crimes.3 However, due to public criticism about the excessive cost of the programme, and overlap with the electronic identity card program, the project has been scrapped. 4
Medical Privacy and Health Management
The Law on Health5 protects the privacy of health information, which should not be disclosed without the patient's written permission.
Doctors' duties extend beyond direct consultations to appropriate record keeping and follow-up. For public health reasons, doctors must report certain diseases to the relevant authorities.
Patients have the right to review, copy, or request corrections to their health information; ask that the records remain private; and request a list of the persons or organisations to whom their records have been disclosed. Doctors are only allowed to disclose information to third parties when necessary. In general the information they may ethically disclose is limited to verifying identity and describing the patient's condition (critical, stable, or good).
Pursuant to the Banking Law6 and the Government Regulation No. 7/6/PBI relating to the Transparency of Information to Banking Products and Consumer Personal Data, banks should not disclose any information about the consumer, and must request written approval from customers if they intend to disclose and distribute any consumer's personal data to other parties for commercial purposes. However these regulations have not been properly implemented in Indonesia, and credit card consumer databases are bought and sold freely.7
Indonesia has a consumer organisation which functions to ensure fair-trade competition and the free flow of truthful information in the marketplace specifically to protect the interests and safety of consumers. Indonesia regulates consumer protection under the Law No.8/1998,8 based on the principles of benefit, justice, balance, security, safety, and legal security. Since the majority of Indonesians are still unaware of their privacy rights, there has been no case of consumer privacy violation settled by the consumer organization.
- 1. No. 23/2006. This was followed by the Government Regulation No. 37/2007 and the Presidential Regulation No. 35/2010.
- 2. http://www.mesago.de/download/IDA/5_Presentations/Powerpoint_Presentatio...
- 3. http://www.thejakartaglobe.com/home/indonesias-national-police-suspend-i...
- 4. http://www.depdagri.go.id/news/2012/04/27/polri-akhirnya-hentikan-progra...
- 5. No. 36/2009
- 6. No.10/ 1998
- 7. http://www.vibiznews.com/news/banking_insurance/2011/03/30/bi-tak-bisa-b...