ELSAM, Jakarta- “Are we being stupid about smart cities?”
Above is the question from Profesor Joe Cannataci to the participants of general lecture about privacy in Universitas Indonesia, hel by ELSAM, on Tuesday 25 April 2017. That question invited us to again reflect the other consequences of the solution offered by Smart City concept.
In Indonesia, several cities including Jakarta have promoted Smart City concept. In Jakarta, the concept consists of 6 pillars: Smart Governance, Smart People, Smart Living, Smart Mobility, Smart Economy, and Smart Environment. It functions to analyze the probelms in big cities by increasing the service based on technology, including internet. For example, by collecting data dan create an application to analyze the traffic jam, and open a space to communicate which can increase the people’s participation in order to give input and criticize the government.
Smart City has several success story to analyze the problem in big cities. However, there is another consequence which can be challenges in the future, that is, the massive collection and dissemination of citizens’ data. Reflecting to the regulation, has Indonesia fully respected privacy? Have the regulations in Indonesia adequately answered those challenges?
The Importance of Privacy Protection to Autonomy, Democracy and Freedom
In the digital era, privacy protection is essential to implement freedom of expression and individual self-development. Protected privacy means to guard the citizens’ individual autonomy. According to Cannataci, if a person feels that his/her privacy is protected enough, (s)he will have options to live their lives as their authentic motivation and reasons, not as others’ manipulation or distortion.
Moreover, keeping privacy means keeping democracy. Paul Sieghart stated that in modern era where information technology grows faster, other parties easily analyze how the pattern and reaction of public life are. Such situation will affect the self autonomy that if other parties recognize the patterns of public needs and desire, they will easily hamper public, potentially stop what the public are doing, and find ways to manipulate public to do as they want.
In this case, state must be present to protect its citizens’ privacy. Indonesia Constitution, 1945 Constitution, article 28 F stated that each citizen has the right to communicate and obtain information for their self-development and social environment, and the right to search, obtain, own, save, process, and deliver the information using any available medium. This shows how privacy protection has been mandated in the constitution.
On the 34th session of Human Rights Council in March, UN has adopted resolution on right to privacy in digital era. The resolution result affirmed that surveillance practices conducted by government must be based on definite legal basis and not go against the needs and proportionality principles as other restriction of rights stated.
Privacy is not against security
“Surveillance activities conducted by a state must be carried out proportionally. Government has no authority to carry out mass surveillance of communication application of their citizens, on behalf of national security,” Cannataci explained in the general lecture. He said that surveillance can be implemented to certain parties identified as a group potentially comitting crime, such as terrorism, corruption and human trafficking. While mass surveillance is a mauve action and violates privacy.
Great narration for restricting privacy rights is national security activities. Cannataci affirmed that the concept of privacy protection can not be located as a right which is against national security activity. “Privacy must be integrated with national security,” he said.
Therefore, it is important to formulate safeguards or regulation which regulates the authority for intrusion or restriction of privacy rights carried out by state or private sector. The restriction should be in line with the purposes by promoting and respecting human rights principles.
Based on ELSAM’s research result, Indonesia has 30 regulations containing data privacy protection. Those include ITE Law, Counter Terrorism Law, and State Intelligence Law which grant the authority for data interception as privacy right restriction can be implemented in certain situation pursuant to the prevailing law.
Even so, those regulations have different accountability and transparency standards. Furthermore, several regulations have not fully implemented the international standard principles such as ICCPR. Thus, every restriction action from the government can be considered as violating privacy rights.