IMPLEMENTASI DESAIN PRIVASI SEBAGAI PELINDUNGAN PRIVASI ATAS DATA BIOMETRIK

Patricia Edina Sembiring; Ahmad M. Ramli; Laina Rafianti

doi:10.25123/vej.v10i1.7622

Authors

Patricia Edina Sembiring Fakultas Hukum, Universitas Padjadjaran
Ahmad M. Ramli Fakultas Hukum, Universitas Padjadjaran
Laina Rafianti Fakultas Hukum, Universitas Padjadjaran

DOI:

https://doi.org/10.25123/vej.v10i1.7622

Keywords:

biometric data; privacy by design; privacy right; sensitive data

Abstract

Attention to biometric data security has become urgent for protecting user privacy. In the context of the Protection of Data Privacy (PDP) Law, biometric data are classified as specific data, requiring extra protection due to their unique, non-exchangeable characteristics. This study uses a normative approach, analyzing legislation and legal comparisons through regional and international regulations, to examine two issues: the position of biometric data as specific data under the Electronic Information and Transactions Law and PDP Law, and the technical solutions through privacy by design to protect biometric data. The research findings are: (1) Biometric data are correlated with privacy and personal rights, classifying them as specific data. Their use for public and private interests raises the potential for privacy violations. (2) Technical solutions through privacy by design can begin with implementing consent at the registration stage by personal data controllers, ensuring the processing of biometric data achieves specific purposes.

References

Buku:

Anil K. Jain, et.al., Introduction to Biometrics, Springer Science Business Media, London, 2011.

Ann Cavoukin, Ph.D., Operationalizing Privacy by Design: A Guide to Implementing Strong Privacy Practices, Information and Privacy Commissioner, Canada, 2012.

Evelyn de Souza, The Era of Homo Digitus, in Women in Security, Women in Engineering and Science, Springer Cham, Europe, 2018.

H. Zainduddin Ali, Metode Penelitian Hukum, Sinar Grafika, Jakarta, 2015.

Ibrahim Fikma Edrisy, Pengantar Hukum Siber, Sei Wawai Publishing, Lampung, 2019.

Janitra Haryanto, Klasifikasi Data Untuk Pelindungan Data Pribadi, Center for Digital Society, Yogyakarta, 2018.

Jepp-Henk Hoepman, Privacy Design Strategies (The Little Blue Book), Redboud Universiteit, USA, 2022.

John D. Woodward Jr, Handbook of Biometrics, Springer, Boston, 2008.

Joseph N. Pato dan Lynette I. Millett, Biometric Recognition Challenges and Opportunities, The National Academic Press, Washington D.C., 2010.

Lawrence J. Fennelly, Effective Physical Security Fourth Edition, Elsevier, United Kingdom, 2013.

Lawrence Lessig, Code, Basic Books, New York, 1999.

Marcus Smith dan Seumas Miller, Biometric Identification, Law, and Ethics, Springer, United Kingdom, 2021.

Niniek Suparni, Cyberspace, Problematika dan Antisipasi Pengaturannya, Penerbit Sinar Grafika, Jakarta, 2009.

Robert Walters, et.al., Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer Nature Ltd, Singapore, 2019.

Sinta Dewi Rosadi, Cyber Law Aspek Data Privasi Menurut Hukum Internasional, Regional, dan Nasional, PT Refika Aditama, Bandung, 2015.

Wahyudi Djafar dan M. Jodi Santoso, Perlindungan Data Pribadi Konsep, Instrumen, dan Prinsipnya, ELSAM, Jakarta, 2019.

Jurnal:

Anahiby Becerril, The Value of Our Personal Data in the Big Data and the Internet of All Things Era,” 7 ADCAIJ 71, 2018.

Ann Cavoukin, et.al., Privacy by Designs: Essential for Organizational Accountability and Strong Business Practices, 3 Identity in the Information Society 405, 2010.

Bert-Jaap Koops, The Concept of Function Creep, 13 Law, Innovation, and Technology 29, 2021.

Daniel J. Solove, Data is What Data Does: Regulating Use, Harm, and Risk Instead of Sensitive Data, 118 Northwestern University Law Review 2, 2023.

Farida Sekti Pahlevi, Pemberantasan Korupsi di Indonesia: Perspektif Legal System Lawrence M. Freidman, 1 Jurnal El-Dusturie 23, 2022.

Jeroen van Rest, et.al., Designing Privacy by Design, Annual Privacy Forum 55, 2012.

Mark Maguire, The Birth of Biometric Security, 25 Anthropology 9, 2009.

Miyuki Fattah Rizki dan Abdul Salam, Pertanggungjawaban Hukum Pengumpulan Data Biometrik Melalui Artificial Intelligence Tanpa Persetujuan Pemilik Data (Studi Kasus Clearview AI Inc. di Yunani dan Inggris, 2 Lex Patrimonium 1, 2023.

Mohd Yusuf D.M., et.al., Peranan Budaya dan Kebudayaan di Indonesia Dari Aspek Sosiologi Hukum, 6 Jurnal the Jurist 1, 2022.

Muhammad Fikri dan Shelvi Rusdiana, Ruang Lingkup Pelindungan Data Pribadi: Kajian Hukum Positif Indonesia, 5 Ganesha Law Review 39, 2023.

Sekaring Ayumeida Kusnadi dan Andy Usmina Wijaya, Perlindungan Hukum Data Pribadi Sebagai Hak Privasi, 2 Jurnal Al-Wasath 9, 2021.

Sinta Dewi Rosadi, Konsep Perlindungan Hukum Atas Privasi dan Data Pribadi Dikaitkan Dengan Penggunaan Cloud Computing di Indonesia, 5 Yustisia 1, 2016.

Samuel D. Warren dan Louis D. Brandeis, The Right to Privacy, 4 Harvard Law Review 5, 1890.

Sinta Dewi Rosadi, Implikasi Penerapan Program E-Health Dihubungkan Dengan Perlindungan Data Pribadi, 9 Arena Hukum 403, 2017.

Sinta Dewi Rosadi et.al., Perlindungan Privasi dan Data Pribadi Dalam Era Ekonomi Digital di Indonesia, 4 Veritas et Justitia 1, 2018.

Situs Daring:

Agnes Z. Yonatan, Indonesia Peringkat 4, Ini Dia 7 Negara Pengguna Internet Terbesar di Dunia, diakses pada 4 Januari 2024, https://data.goodstats.id/statistic/agneszefanyayonatan/indonesia-peringkat-4-ini-dia-7-negara-pengguna-internet-terbesar-di-dunia-FLw6V.

Andri Saubani, CISSReC: 3,2 Miliar Data PeduliLindungi Bocor, https://news.republika.co.id/berita/rle9di409/cissrec-32-miliar-data-pedulilindungi-bocor, diakses pada 3 Januari 2023.

Andy Adler, Biometrics & Authentication Technologies: Security Issues, diakses pada 10 Januari 2024, https://www.sce.carleton.ca/faculty/adler/talks/2008/adler-ornec-idt-5feb2008.pdf.

BBC News Indonesia, Ratusan Juta Data Dukcapil Kemendagri Diduga Bocor, Pakar Siber:’Ini Peretasan Paling Parah, diakses pada 4 Januari 2024, https://www.bbc.com/indonesia/articles/c51v25916zlo.

Khorul Anam, Paling Rendah di ASEAN, Tingkat Literasi Digital RI Cuma 62%, diakses pada 4 Januari 2024, https://www.cnbcindonesia.com/tech/20230214171553-37-413790/paling-rendah-di-asean-tingkat-literasi-digital-ri-cuma-62.

Moh. Khory Alfarizi, “Data Internal PT KAI Diduga Dibobol Hacker dan Dijual Pakai Kripto, Ini Penjelasan Lengkap Manajemen,” diakses pada 16 Januari 2024, https://bisnis.tempo.co/read/1821647/data-internal-pt-kai-diduga-dibobol-hacker-dan-dijual-pakai-kripto-ini-penjelasan-lengkap-manajemen.

Novina Putri Bestari, Google Beberkan Pendapatan Bisnis Cloud dari Indonesia, diakses pada 28 Maret 2024, https://www.cnbcindonesia.com/tech/20231011133337-37-479699/google-beberkan-pendapatan-bisnis-cloud-dari-indonesia.

Social Media Today, The Internet in Real Time [Live Infographic], diakses pada 14 Januari 2024. https://www.socialmediatoday.com/content/internet-real-time-live-infographic.

We Are Social, Digital 2023 Indonesia, diakses pada 4 Januari 2024, https://wearesocial.com/id/blog/2023/01/digital-2023/.

Forum:

ASEAN Telecommunications and Information Technology Ministers Meeting, Framework on Personal Data Protection, Bandar Seri Begawan, Brunei Darussalam, 25 November 2016.

Tesis dan Laporan:

Council of Europe, Explanatory Report to the Protocol Amending the Convention for the Protection of Individuals with Refard to Automatic Processing of Personal Data, Council of Europe Treaty Series No. 223, 2018.

Lauren Dancer, et.al. Biometric Identification and Privacy, Comparative Research Prepared for the Center for Law and Policy Research, India, 2013.

Zhasmina Radkova Kostadinova, Purpose Limitation Under the GDPR: Can Article 6(4) Be Automated, Master Thesis in Tilburg University, Belanda, 2014.

Innovatrics, Biometricks and Personal Data, White Paper, Europe, 2004.

Riza Roidila Mufti, A Policy Brief EU General Data Protection Regulation (GDPR), Research Series Embassy of the Republic of Indonsia in Brussels, 2021.

Peraturan Perundang-undangan dan Instrumen Hukum Lain:

Undang-Undang Dasar Negara Republik Indonesia Tahun 1945.

Undang-Undang Nomor 1 Tahun 2024 tentang Perubahan Kedua atas Undang-Undang Nomor 11 Tahun 2008 tentang Informasi dan Transaksi Elektronik.

Undang-Undang Nomor 27 Tahun 2022 tentang Pelindungan Data Pribadi.

Peraturan Pemerintah Nomor 71 Tahun 2019 tentang Penyelenggaraan Sistem dan Transaksi Elektronik.

Peraturan Menteri Komunikasi dan Informatika Nomor 20 Tahun 2016 tentang Perlindungan Data Pribadi Dalam Sistem Elektronik.

General Data Protection Regulation.

Rivera v. Google Inc No. 16 C 02714.