Yogyakarta, October 23rd 2020—Center for Digital Society held an event Difussion #36 on Friday (23/10). Questioning about identity theft in cyberspace and the Regional Head Elections (Pilkada) 2020, CfDS raised discussion with the title Why not Digital? On this occasion, the speakers were research associates of CfDS, Irnasya Shafira and Fajar Cahyono. The event started at 03.30 p.m. and was moderated by Christophorus Ariobumi, partnership assistant of CfDS.
Irnasya Shafira, in her presentation raised the topic The Ghosts in Our Wires: A Contemplation on the Looming Threat of Identity Theft in the Cyberspace. Cybersecurity or security in cyberspace covers our daily lives. Cybersecurity elements consist of application security, information security, network security, disaster recovery or business continuity planning, operational security, end-user education. According to Irnas, from these elements, the end-user is the most important thing in cybersecurity that we can contemplate.
Considering that the level of awareness of the Indonesian people as a whole towards cybercrime is still low, Irnas explained its concern that various crimes that initially haunt the real world will then follow into the cyber world. According to the Head of Information Management and Documentation Bureau of the Indonesian Police Public Relations, Moh. Hendra Suhartiyono, that there were only 278 cases of identity theft reported to Bareskrim out of 11,777 cybercrime cases reported. From the 2.3% of cases reported, it was concluded that public awareness was still lacking on cybersecurity.
Irnas explained, identity theft itself is a term used to categorize several offenses that involve the use of someone’s personal information without permission for criminal purposes. Here, Irnas invited us to do roleplay on cases of identity theft on the internet.
Furthermore, Irnas invited us to think that data leakage cases do not only occur in e-commerce data, but also data on COVID-19 sufferers sold in rapidshare forums and the General Election Commissions final voters data in 2014. In fact, cyber attack efforts have increased during the pandemic because people use the internet more during their activities. Although end-user education always teaches us to do multi-factor authentication (using passwords and biometrics and not just passwords), if there is a threat of our data being hacked directly, is education enough?
Departing from this contemplation, a discussion about education to protection is needed regarding the need for intervention at the grass-root level or society as a whole. In this case, even though there is UU ITE which regulates cybercrimes on the internet, it does not mention that the state is obliged to protect our personal data on the internet. Therefore, apart from end-user education, end-user protection is also needed. “It seems that this cybersecurity element should be accompanied by end-user protection where our country is obliged to protect our personal data,” Irnas said. “I hope that with this contemplation we will become more aware of something that we’re gonna post on the internet and we will be more aware that our data is not always safe,” she added.
In connection with the previously presented material, Fajar raised the topic of Pilkada: Coronavirus, Online Voting, and Security Risk in his discussion. The Pilkada which was originally to be held in July, last September the government decided that the Pilkada would still be held on December 9, 2020 despite the pandemic. Political contestation will be held in 224 districts, and for city level it will take place in 37 cities and 9 provinces.
This of course has created controversy in the community considering the conditions and the impact of COVID-19 that have not yet recovered. If it is held normally, at least it will be bad news for the Handling COVID-19 Task Force in Indonesia because it is very close to direct interactions and mass gatherings. Thus, the government has three options for holding Pilkada this year. First, postpone the Pilkada 2020 until things back to normal. Second, still holding the Pilkada 2020 with health protocols. Third, the implementation of the Pilkada 2020 with an e-voting system.
The reason for the e-voting option is to reduce direct contact between people and reduce election costs (purchase of medical protocol equipment). However, this e-voting system also raises debates related to security risks, especially with the internet voting method. First, internet voting increases the risk of cyber crime. E-voting will expand the opportunity for attackers to engage in destructive disruptions and attacks on systems.
Second, election hacks may go undetected. Anonymity on the ballot paper which is in accordance with the principle of election also creates a problem by not being able to verify every incoming vote, thus allowing hacking to be carried out undetected. In this case, Fajar pushed and supported the e-voting even though there was no readiness in cybersecurity. “The COVID-19 pandemic has encouraged e-voting with health and economic considerations, although in several matters regarding security, it still needs to be studied further regarding readiness and feasibility,” he added.