JAKARTA (The Jakarta Post/Asia News Network): The government insists that its Covid-19 tracking mobile app, PeduliLindungi, does not retain users’ personal data indefinitely and that steps have been taken to improve protection and data usage, following a recent state government report that raised concerns about potential privacy interference.
In its 2021 Indonesian Human Rights Practices Report released last week, the US State Department flagged “NGO concerns about the information collected by the app and how that data has been stored and used by the [Indonesian] government,” in a small sub-section devoted to unlawful interference with privacy.
Speaking to a local news channel on Sunday April 17, Health Ministry spokeswoman Siti Nadia Tarmizi acknowledged the security issues surrounding the app, but assured that steps had been taken to mitigate potential problems.
She said that while civil society concerns about the app were “understandable”, its safety was being closely scrutinized as the app was at the heart of the government’s pandemic recovery efforts.
“Since this report [focuses on events] in 2021, a lot has been improved since in the use and protection of data, especially encrypted data,” said Nadia.
The government app has gained notoriety among NGOs for requiring its users – essentially every individual in the country – to provide sensitive personal data points and have their movements in public spaces logged in the app, as part of efforts to curb the spread of the deadly coronavirus. .
Meanwhile, the data recorded while using the app includes but is not limited to approximate location data, IP address, Wi-Fi location and usage history, as well only data obtained from Bluetooth and camera-based access.
By October last year, more than 60 million people had downloaded the app.
Their concerns were further heightened by the frequency of personal data breaches, particularly after July last year, when a database of 1.3 million users of the Indonesia Health Alert Card (eHAC) system was allegedly disclosed in an online forum.
The eHAC system at the time was being integrated into the PeduliLindungi app, although the government denied the leak claims.
Nadia insisted that the use of the app and “every layer of data transaction flow” relied on the prior consent of the user. It also noted that users can clear their data history in the app and that not all collected user data is stored in its data centers indefinitely.
The official said the ministry had worked with the National Cybersecurity and Encryption Agency (BSSN) and the Ministry of Communications and Information to put in place layered security systems.
Still, Nadia said her office would coordinate with the Department of Foreign Affairs for any further clarification regarding the US government’s report. Earlier, Coordinating Minister for Policy, Legal and Human Rights Mahfud MD told reporters that the app had proven effective in containing the transmission of Covid-19 during the Delta and Omicron waves.
“We created the PeduliLindungi program to protect our people. We have actually been more successful in defeating Covid-19 than the United States,” he said, as quoted by kompas.com.
According to ministry data from 2021-2022, the app managed to prevent 3.7 million people who were not fully vaccinated from entering public spaces. It also prevented some 538,000 infected people from traveling and entering enclosed public spaces.