Abstract

This article examines issues surrounding airline passenger data protection in the realms of big data  phenomenon. The history of privacy, including two landmark cases, shall be elaborated from the beginning to provide a comprehensive discussion. How the airlines operate through utilizing personal data, also their compliance towards the enacted law shall be analyzed. Then the sentiments towards Passenger Name Record Agreement which speaks on behalf of flight security is also being explored. Finally, the article aims to provide some recommendations towards the current drafting of the new Indonesian Data Protection Act draft by taking into account lessons learned from airlines.

Intisari

This article examines issues surrounding airline passenger data protection in the realms of big data  phenomenon. The history of privacy, including two landmark cases, shall be elaborated from the  beginning to provide a comprehensive discussion. How the airlines operate through utilizing personal data, also their compliance towards the enacted law shall be analyzed. Then the sentiments towards Passenger Name Record Agreement which speaks on behalf of flight security is also being explored. Finally, the article aims to provide some recommendations towards the current drafting of the new Indonesian Data Protection Act draft by taking into account lessons learned from airlines.

A. Buku European Union Agency for Fundamental Rights & Council of Europe, 2014, Handbook on European Data Protection Law, Publications Office of the European Union, Luxembourg. Gutwirth, Serge, et al. (eds.), 2015, Reforming European Data Protection Law, Springer, Dordrecht. Macdonald, Ronald St. J., et al., 1994, Essays in Honour of Wang Tieya, Martinus Nijhoff Publishers, Dordrecht. Trauner, Florian, et al., 2015, Policy Change in the Area of Freedom, Security and Justice, Routledge, Taylor & Francis Group, London. Vokowich, William T., 2002, Consumer Protection in the 21st Century, Transnational Publishers, Ardsley, New York. B. Artikel Jurnal Asinari, Maria Verónica Pérez, et al., “Airline Passengers’ Data: Adoption of an Adequacy Decision by the European Commission - How Will the Story End?”, Computer Law and Security Report, Vol. 20, No. 5, 2004. Carpanelli, Elena, et al., “PNR: Passenger Name Record, Problems Not Resolved? The EU PNR Conundrum After Opinion 1/15 of the CJEU”, Air & Space Law, Vol. 42, No. 4&5, 2017. Enerstvedt, Olga Mironenko, “Russian PNR System: Data Protection Issues and Global Prospects”, Computer Law and Security Review, Vol. 30, 2014. Gubitz, Arnulf S., “The U.S. Aviation and Transportation Security Act of 2001 in Conflict with the E.U. Data Protection Laws: How Much Access to Airline Passenger Data Does the United States Need to Combat Terrorism?”, New England Law Review, Vol. 39, 2005. Kemp, Richard, “Legal Aspects of Managing Big Data”, Computer Law and Security Review, Vol. 30, 2014. Mikkonen, Tomi, “Perceptions of Controllers on EU Data Protection Reform: A Finnish Perspective”, Computer Law and Security Review, Vol. 30, 2014. Ntovas, Ioannis, “Air Passenger Data Transfer to the USA: The Decision of the ECJ and Latest Developments”, International Journal of Law and Technology, Vol. 16, No. 1, 2007. Nugraha, Ridha Aditya, et al., “Body Scanners within Airport Security Systems: Security or Privacy Issue?”, The Aviation & Space Journal, Vol. 15, No. 3, 2016. Rees, Christopher, “Who Owns Our Data?”, Computer Law and Security Review, Vol. 30, 2014. Waltz, D. Brent, “Privacy in the Digital Age”, Indiana Law Review, Vol. 48, 2014. C. Hasil Penelitian/Tugas Akhir Nugraha, Ridha Aditya, 2015, Passenger Data Protection in the European Union: The Long and Winding Road, European Air Law Association (EALA) Prize 2015, dipresentasikan di the 27th EALA Annual Conference, Edinburgh, 5-6 November 2015. Supriyadi, Daniar, 2017, Personal and Non-Personal Data in the Context of Big Data, Tesis, Tilburg Institute for Law, Technology and Society, Tilburg University, Tilburg. D. Internet Hollister, Sean, “A Lesson from Ukraine on Cell Phone Metadata”, http://www.wbur.org/hereandnow/2014/01/24/ukraine-metadata-lesson, diakses 8 November 2017. Supriyadi, Daniar, “Data Pribadi dan Dua Dasar Legalitas Pemanfaatannya”, http://www.hukumonline.com/berita/baca/lt59cb4b3feba88/data-pribadi-dan-dua-dasar-legalitas-pemanfaatannya-oleh--daniar-supriyadi, diakses 13 November 2017. The Court of Justice of the European Union, “The Court of Justice Declares that the Commission’s US Safe Harbour Decision to Invalid”, http://curia.europa.eu/jcms/upload/docs/application/pdf/2015-10/cp150117en.pdf, diakses 11 November 2017. E. Peraturan Perundang-Undangan Charter of Fundamental Rights of the European Union (2012/C 326/02, 26 Oktober 2012). Convention for the Protection of Human Rights and Fundamental Freedoms (Council of Europe, 4 November 1950). Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data (OJ L 281, 23.11.1995, 24 Oktober 1995). Directive (EU) 2016/681 on the use of PNR data for the prevention, detection, investigation and prosecution of terrorist offences and serious crimes, (OJ 2016 L 119/132, 4.5.2016, 27 April 2016). Peraturan Menteri Komunikasi dan Informatika Nomor 20 Tahun 2016 tentang Perlindungan Data Pribadi dalam Sistem Elektronik (Berita Negara Republik Indonesia Tahun 2016 Nomor 1829). Peraturan Pemerintah Nomor 28 Tahun 2012 tentang Pelaksanaan Undang-Undang Nomor 43 Tahun 2009 tentang Kearsipan (Lembaran Negara Republik Indonesia Tahun 2012 Nomor 53, Tambahan Lembaran Negara Republik Indonesia Nomor 5286). Peraturan Pemerintah Nomor 82 Tahun 2012 tentang Penyelenggaraan Sistem dan Transaksi Elektronik (Lembaran Negara Republik Indonesia Tahun 2012 Nomor 189, Tambahan Lembaran Negara Republik Indonesia Nomor 5348). Rancangan Undang-Undang Perlindungan Data Pribadi (Republik Indonesia, versi tahun 2015). Regulation (EC) No. 45 of the Year 2001 on the protection of individuals with regard to the processing of personal data by the community institutions and bodies and on the free movement of such data (OJ L 8, 12.1.2001, 18 Desember 2000). Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, 27 April 2016). Undang-Undang Nomor 11 Tahun 2008 tentang Informasi dan Transaksi Elektronik (Lembaran Negara Republik Indonesia Tahun 2008 Nomor 58, Tambahan Lembaran Negara Republik Indonesia Nomor 4843). Undang-Undang Nomor 43 Tahun 2009 tentang Kearsipan (Lembaran Negara Republik Indonesia Tahun 2009 Nomor 152, Tambahan Lembaran Negara Republik Indonesia Nomor 5071). Universal Declarations of Human Rights (United Nations General Assembly Resolutions No. 217 A (III), 10 Desember 1948). Wet Bescherming Persoonsgegevens (Belanda, 6 Juli 2000). F. Putusan Pengadilan dan Jurisdiksi Regional Commission Decision 2000/520/EC pursuant to Directive (EC) No. 46 Year 1995 on the adequacy of the protection provided by the safe harbor privacy principles and related frequently asked questions issued by the US Department of Commerce (OJ L 215, 25.08.2000, 26 Juli 2000). European Commission Legal Service, C-28/08 P Commission v. Bavarian Lager, 29 Juni 2010. European Commission Legal Service, C-524/06 Huber v. Federal Republic of Germany, 16 Desember 2008. The High Court of Ireland, C-362-14 Maximillian Schrems v. Data Protection Commissioner joined party ``Digital Rights Ireland Ltd., 6 Oktober 2015. G. Lainnya Adhiarna, Nyoman, “Big Data and Personal Data Protection: Policy and Regulation in Indonesia”, Pemaparan Seminar, Seminar “Big Data: Dealing with the New Oil in the Digital Economy”, Universitas Katolik Indonesia Atma Jaya, Jakarta, 31 Oktober 2017. European Data Protection Supervisor, “EDPS Issues an Opinion on the New EU-US Passenger Name Record Agreement”, Press Release EDPS 12/11, Brussels, 13 Desember 2011. Munir, Abu Bakar, “Data Protection in the Digital Economy”, Pemaparan Seminar, Seminar “Big Data: Dealing with the New Oil in the Digital Economy”, Universitas Katolik Indonesia Atma Jaya, Jakarta, 31 Oktober 2017.