My Online Diary

By: Suziane

1.                  Introduction

Collection of millions of computers that provide a network of electronic connections between the computers usually defined as Internet. Nowadays, Internet is an important tool in human life. In a few years ago, if we need some information, we should go to library and read the encyclopedias page by page. Today Google help us more than that. It is more powerful and faster.

Technological advances certainly have positive and negative impacts. Positive impact is how easy to get information anytime and anywhere, trade improving, and economic growth, create job opportunity, can be used as a learning media and as a media that allows anyone to participate in for any purposes.

The increasing of internet users will increase transaction value, interaction frequency, communities’ spectrum, and usage objectives. There will be the increasing threats, attacks, and crimes directly because of the increasing Internet value. To minimalize the negative effect, there should be a Policy to control and supervise the activities.

This paper is written from business perspective side. In business issues, Internet is a part of business system as transactions and interactions are being conducted accordingly. Internet as technology mimic, enable, drive, and transform the business, internet dependency is high. For the activities that rely on time and space-where resources and processes can be digitalized-the network is the business.

Business in Indonesia is in growing phase. Not all company needs Internet. But the users of Internet in Indonesia are growing faster, in the next few years Internet will be the important tool for business. If there isn’t some Information Security Policy for this, business in Indonesia will be chaotic. Information Security Policy is defined as an action plan dealing with information security issues, or a set of rules to maintain condition or certain information security’s level.

Akamai find that Indonesia is number one targeted in Cyber-attack. Indonesia is number two as source of Cyber-attacks. Approximately 67% are very dangerous attacks. Cyber-crime continues to diverge down different path every year. In 2013, cyber-criminals are changing the way to organize and targeting new users and new platforms, online transaction-based activities continue to be exploited, and hactivism-related attacks continue to rise as a way to commit corporate espionage, push political agendas or cause reputational damage.

 

2.                  Definition and Legal Fundament Electronic Transaction in Indonesia

In Indonesia, Electronic transaction is ruled by Undang-Undang Republik Indonesia Nomor 11 Tahun 2008 Tentang Informasi dan Transaksi Elektronik (Bill of Act Electronic Information and Transaction) and Peraturan Pemerintah Republik Indonesia Nomor 82 Tahun 2012 Tentang Penyelenggaraan Sistem dan Transaksi Elektronik.

The definition of Electronic Transaction in the Bill of Act:

Transaksi Elektronik adalah perbuatan hukum yang dilakukan dengan menggunakan computer, jaringan computer, dan/atau media elektronik lainnya. Penyelenggaraan Transaksi Elektronik adalah rangkaian kegiatan Transaksi Elektronik yang dilakukan oleh Pengirim dan Penerima dengan menggunakan Sistem Elektronik.

(Electronic Transactions are legal act performed by using computer, computer network, and/or other electronic media. The operation of Electronic Transactions is a series of Electronic Transaction activities undertaken by the Sender and Receiver using Electronic System)

From the definition, we can conclude that every legal act involving electronic media as electronic transaction.

Information System technically is the integration system between man and machine that include hardware components, software, procedures, human resources, and the utilization of the information substances including the function of input, process, ouput, storage, and communication. Accordingly, the actual legal world has been expanding the interpretation of the principles and norms when addressing the issue of intangible material, for example in the case of electricity theft as a criminal act. In fact, cyber activities are no longer simple because the activities are no longer limited by the territory of country, which is easily accessible anytime and from anywhere.

Losses can occur either on the actors and transactions in other people who have never done a transaction, such as stealing fund through purchasing something on the internet using credit card. In addition, the verification is a very important factor, considering that electronic transactions not only accommodate in Indonesian legal system in a comprehensive way, but also very vulnerable to change, tapped, fabricated, and sent to whole world counting by seconds. Thus, the impact can be so complex and complicated.

Widely problems occur in civil transaction because the electronic transactions usage for commercial activities (electronic commerce) has become part national and international commerce. This fact shows that the convergence in information technology, media, and informatics (ICT) continues to grow along with the new development of information technology, media, and communications. Activities through an electronic system, which is also called cyber space, although virtual, it can be categorized as a legal act. Activities in cyber-space are virtual activities that causes real even if the evidence is electronic.

Security and legal certainty in using information technology, media, and communication are very important in order to develop optimally. Therefore, there are three approaches to maintain security in cyber-space, which are to approach the legal aspects, technological aspects, social cultural and ethical aspects. To overcome security interference in electronic system, the law approaches should be done because without the rule of law, the utilization of using technological use becomes not optimal.

 

Pasal 47

(1)   Transaksi Electronik dapat dilakukan berdasarkan Kontrak Elektronik atau bentuk kontraktual lainnya sebagai bentuk kesepakatan yang dilakukan oleh para pihak.

(2)   Kontrak Elektronik dianggap sah apabila:

a.      Terdapat kesepakatan para pihak;

b.      Dilakukan oleh subjek hukum yang cakap atau yang berwenang mewakili sesuai dengan ketentuan peraturan perundang-undangan;

c.       Terdapat hal tertentu;

d.      Objek transaksi tidak boleh bertentangan dengan peraturan perundang-undangan, kesusilaan, dan ketertiban umum.

(Article 47

(1)   Electronic transactions can be performed under the Contract Electronic or other contractual forms as a form of agreement made by the parties

(2)   Electronic contract is considered valid if:

a.       There is agreement between the parties

b.      Carried out by competent legal subject or authorized representative of in accordance with the provisions of laws and regulations

c.       There are certain things

d.      Transaction object must not conflict with the laws and regulations, ethics, and public order.)

There might be different definition in different country.

The intent and purpose of UU ITE is states in Pasal 3 (Article 3) and Pasal 4 (Article 4)

Pasal 3

Pemanfaatan Teknologi Informasi dan Transaksi Elektronik dilaksanakan berdasarkan asas kepastian hokum, manfaat, kehati-hatian, iktikad baik, dan kebebasan memilih teknologi atau netral teknologi.

Article 3

Information Technology and Electronic Transaction utilization carried out by the principle of legal certainty, benefits, prudence, good faith, and the freedom in choosing technology or neutral technology.

Pasal 4

Pemanfaatan Teknologi Informasi dan Transaksi Elektronik dilaksanakan dengan tujuan untuk:

(1)   Mencerdaskan kehidupan bangsa sebagai bagian dari masyarakat informasi dunia;

(2)   Mengembangkan perdagangan dan perekonomian nasional dalam rangka meningkatkan kesejahteraan masyarakat;

(3)   Meningkatkan efektivitas dan efisiensi pelayanan public;

(4)   Membuka kesempatan seluas-luasnya kepada setiap orang untuk memajukan pemikiran dan kemampuan di bidang penggunaan dan pemanfaatan Teknologi Informasi seoptimal mungkin dan bertanggung jawab; dan

(5)   Memberikan rasa aman, keadilan, dan kepastian hukum bagi pengguna dan penyelenggara Teknologi Informasi.

Article 4

Information Technology and Electronic Transaction utilization carried out with the aim to:

(1)   Educating the nation as part of world information society;

(2)   Developing trade and national economy in order to improve the welfare of community;

(3)   Improve the effectiveness and efficiency of public services;

(4)   Open a wide opportunity to everyone to increase the skill and capability and use the Information Technology optimally and full of responsibility

(5)   Provide a security sense, justice, and legal certainty for Information Technology’s users and providers.

In the implementation of these laws, we should know the role of government and society. It states in Pasal 40 (Article 40) and Pasal 41 (Article 41) about Role of Government and Society

Pasal 40

(1)   Pemerintah memfasilitasi pemanfaatan Teknologi Informasi dan Transaksi Elektronik sesuai dengan ketentuan Peraturan Perundang-undangan

(2)   Pemerintah melindungi kepentingan umum dari segala jenis gangguan sebagai akibat penyalahgunaan Informasi Elektronik dan Transaksi ELektronik yang mengganggu ketertiban umum, sesuai dengan ketentuan Peraturan Perundang-undangan

(3)   Pemerintah menetapkan instasi atau institusi yang memiliki data elektronik strategis yang wajib dilindungi

(4)   Instansi atau Institusi sebagaimana dimaksud pada ayat (3) harus membuat Dokumen Elektronik dan rekam cadang elektroniknya serta menghubungkannya ke pusat data tertentu untuk kepentingan pengamanan data

(5)   Instansi atau Institusi sebagaimana dimaksud pada ayat (3) membuat Dokumen Elektronik dan rekam cadang elektroniknya sesuai dengan keperluan perlindungan data yang dimilikinya

(6)   Ketentuan lebih lanjut mengenai peran Pemerintah sebagaimana dimaksud pada ayat (1), ayat (2), dan ayat (3) diatur dengan Peraturan Pemerintah.

Article 40

(1)   Government will facilitate the using of Information Technology and Electronic Transaction accordance with the provisions of Laws and Regulations.

(2)   Government protects public interest of any kind of disturbance as a result of misuse of Electronic Information and Electronic Transaction that are disturbing public order, accordance with the provisions of Laws and Regulations.

(3)   Government shall determine agency or institution that has a strategic electronic data that must be protected

(4)   Agency or institution referred to in paragraph (3) shall make the Electronic Documents and Electronic Backups and connecting it to particular data center for the sake of securing data

(5)   Agency or institution referred to in paragraph (3) create Electronic Documents and Electronic Backups in purposes to data protection

(6)   Further provisions on the role of Government referred to in paragraph (1), paragraph (2), and paragraph (3) is regulated by Laws and Regulations

 

Pasal 41

(1)   Masyarakat dapat berperan meningkatkan pemanfaatan Teknologi INformasi melalui penggunaan dan Penyelenggaraan Sistem Elektronik dan Transaksi Elektronik sesuai dengan ketentuan Undang-Undang ini

(2)   Peran masyarakat sebagaimana dimaksud pada ayat (1) dapat diselenggarakan melalui lembaga yang dibentuk oleh masyarakat

(3)   Lembaga sebagaimana dimaksudkan pada ayat (2) dapat memiliki fungsi konsultasi dan mediasi

Article 41

(1)   Society (Public) as a part to increase the utilization of Information Technology through the use and the implementation of Electronic Systems and Electronic Transaction in accordance with the provisions of this Act

(2)   The role of Society (Public) referred to in paragraph (1) may be held by an institution that established by the public

(3)   Institutions are con template in paragraph (2) may have a consulting and mediation function.

 

3.                  Impacts of UU ITE

UU ITE provides opportunities for new business for entrepreneurs in Indonesia because the implementation of the Electronic System required legal entities and domiciled in Indonesia. In Economics perspective, it can encourage economic growth. It can increase income taxes, provide employment, and increase the income of population (Increase GDP). UU ITE can also anticipate the possibility of adverse internet abuse; provide legal protection to transaction and electronic systems as well as providing legal protection for economic activities (commercial transactions)

Internet abuse often occurs as piercing specific sites owned by the government. Economic activity through Electronic Transaction can minimize misuse and fraud. It also allows to prosecute crimes that committed by someone outside Indonesia. UU ITE can be as an opportunity for government to conduct empowerment Internet programs. There are many areas in Indonesia are Internet touch-less. This law provides solution to minimize the misuse of Information technology and running very quickly.

Internet allows anyone easily to access information and transact with everybody in the whole-world (everywhere). Internet can create a communication network.

 

Positive Impacts

a.       All of price offering activities, partnership contract, cooperative contract, cooperative contact, billing are protected by law. All of documented electronic documents (emails) to clients can be considered as evidence. If there is a problem in cooperation, it will be positive value

b.      When we do banking transaction and then be harmed, and it wasn’t anticipated by the transaction manager, we are legally entitled to sue the manager. It could also apply to e-money merchants (e-gold, PayPal, etc.)

c.       If there is a company that registered the domain name (website) with the intention of vilifying particular product/brand/name, the company can be sued to cancel the domain name.

d.      Every content that is written in a blog becomes official authorship copyright and protect the intellectual property. The negative posts that harm others can be sued by the injured party

e.       If there are credit cards transactions without the owner permission (carding) clearly can be prosecuted by law

f.       Selling the database of member’s email address without permission is illegal

g.      Phishing sites are legally prohibited

 

Negative Impacts

a.       The contents of website should not consist of violation of decency. It is normative morality. It will be an ambiguous perspective

b.      Blog writers concern in expressing opinions. It will curb the freedom of expression.

Internet crime offenses set forth in UU ITE:

a.       The offenses related to illegal activity, namely:

·         Distribution or dissemination, transmission, inaccessibility of illegal content, which consists of:

ü  Morality (Article 27, paragraph [1])

ü  Gambling (Article 27, paragraph [2])

ü  Insult or defamation (Article 27, paragraph [3])

ü  Extortion or threats (Article 27, paragraph [4])

ü  A misleading falsehood and harm consumers (Article 28, paragraph [1])

ü  Creates a feeling of hatred based on racial intolerance (Article 28, paragraph [2])

ü  Transmit information that contains threats of violence

·         In any way commit illegal access (Article 30)

·         Illegal interception of the information or electronic document and electronic system (Article 31)

b.      The offenses relating to interference, namely

·         Disruption to electronic information and document (data interference – Article 32)

·         A disturbance in electronic system (system interference – Article 33)

c.       Facilitate criminal acts (Article 34)

d.      Criminal fraud of electronic information and document (Article 35)

e.       Additional criminal offenses (Article 36)

 

4.                  Electronic Transaction Effects on the Business Environment in Indonesia

Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM explain the negative impacts of using electronic transaction are:

a.       Immediate financial damage, through fraud or embezzlement, loss of equipment, data corruption and restore

b.      Indirect financial damage, through credit card theft, legal and regulatory fines, contractual penalties, and revenue losses

c.       Operational impact, disruption or permanent denial of critical IT functions and process, secondary “ripple-through” damage to business process

d.      Reputational impact, negative media coverage, targeted activism, customer complaints, competitive disadvantage, etc

e.       Legal impact, individual or class action against the enterprise, criminal proceedings, individual and organizational liability, etc.

As the technology continues to change, organizations must take steps to understand the related risks that will evolved with technology. The growth of Internet-based open networks paves the way for instantaneous and divesting trans-national electronic crimes that can deny victims the ability to operate their businesses or control their assets. The exploitation will multiply as technology change. Cyber-crime will remain a fact of life for organizations everywhere.

To protect the business from Cyber-crime, the company can make the policy internally in the organization. There are three common categories Information Security Policy, namely:

a.       Enterprise Information Security Policy (EISP)

·         Determining organization’s information security policy and create information security condition in each part of organization

·         Establish strategic direction, scope, and the nature of various areas of organizational security

·         Assigning responsibility for different areas of Information Security

b.      Issue Specific Security Policy (ISSP)

·         A rule that describes the acceptable and unacceptable behavior in terms of information security on each of technology used.

·         Provide detailed directions and targets to instructed the organization in using the safe technology system

·         Used to protect the staff and the organization from inefficiency

c.       System Specific Policy (SSP)

·         Controlling the configuration of the using device or technology technically or managerial

·         May often created functioned as a standard or procedure to be used when performing configuration or maintenance of the system

 

5.                  Cases and The Completion In Indonesia

a.       In 2000, some Indonesian websites (BCA, Bank Bali, Bursa Efek Jakarta, and Indosatnet) was hack by Fabianclone naisenodni. (Agus Raharjo, 2002.37)

b.      Indonesia is in the second place as Cyber-Fraud performer base on Security Clear Commerce research (Texas)

c.       The stolen Internet accounts by two Internet Cafés in Bandung. This case is about stole user-id and password belonging of someone else. The usage cost of this account is in the victim’s responsibility.

d.      Denial of Service (DoS) and Distributed DoS (DDoS) cases. Dos attack is an attack aimed at crippling a target (hangs, crashes) so that he cannot provide the service. DoS attack directed to a server (computer) and also to the network (bandwidth spent). DDoS increasing the attack from many computer simultaneously. These types of attack are to make the company losses due to disruption system.

e.       Cyber-terrorism case. There is a site domain that considered as a site that is used by groups of terrorist networks in Indonesia for terrorist propaganda (http://www.anshar.net). The domain was purchased from stolen credit card by Max Fiderman (not the real name). The defendant subsequently was sentenced 6 years in prison under Pasal 45 Paragraph 1 UU RI No. 15 Tahun 2003 tentang pemberantasan tindak pidana terorisme (Article 45 paragraph 1 of Law of Decree 15 of 2003 on the eradication mode terrorism).

f.       KPU (Komisi Pemilihan Umum) website successfully broken by Dani Firmansyah, an Information Technology Consultant at PT. Danareksa Jakarta on Saturday, 17th April 2004. He changed the names of the parties in it become unique names, such as: Partai Kolor Ijo, Partai Mbah Jambon, Partai Jambu, etc. He was sentenced 6 months and 21 days based on UU RI No. 36 Tahun 1999 tentang telekomunikasi (the Law Decree 36 of 1999 on Telecommunications Article 22c, Article 38, Article 50), and Pasal 406 KUHP (Article 406 of the Criminal Code Subsidiary (destroy and damage the goods)). This is equivalent to Article vandalism and destruction of goods.

 

However, some Cyber-crime cases rarely get to court. It is because there is a debate about the regulation relating to the crime. In the other hand some cases was not reported by the victims. Kepolisian Republik Indonesia (Polri), especially Cyber Crime unit has SOP (Standard Operational Procedure) to handle Cyber Crime case. The standard refers to International standard that have been widely used around the world, including by the Federal Bureau of Investigation (FBI) in United States.

Today, consumer has become increasingly dependent on computers, networks, and the information these are used to store and preserve, the risk of being subjected to cyber-crime is high. There are new attack each week on the confidentially, integrity, and availability of computer systems. This could range from the theft of personally identifiable to denial of service attacks.

The disruption of international financial markets could be one of the big impacts and remains a serious concern. Hence any disruption of these systems would send shock waves outside of the market. Attack using worms, virus, etc. impact the productivity. The machine performs slowly. Doing business using electronic transaction should prior consumer perception. Consumer perception will impact the credibility of the business.

In Indonesia so many case related to Electronic Transaction. In 2013, Cyber-crime trend is defamation using messaging text, blog, social media, and others. Cyber society in Indonesia asks the regulator to revised UU ITE about defamation, because this law dissuades the expression right of humanity. This law as though pro to some parties (corporate performer). DPR (Dewan Perwakilan Rakyat) has not planned to make new regulation about cyber-law in 2013. Maybe it will be considering in 2014.

Cyber-law is a two-side knife for business performer. Government should make specific rule to stabilize cyber-economic environment.

One of the interesting cases about cyber-crime in Business is mustika_ratu 2001 case. The description about the case is taken from http://www.imansjahputra.com/?id=10509, the official website of Iman Sjahputra & Partners (Advocates and Solicitors). PT. Mustika Ratu Tbk is one of their valued clients from Indonesia.

 

This case is well exposed by the medias at that time and drawn the attention of the practitioners, professional, experts, educational, and the owners of the famous trademarks and/or names whose their trademarks and/or names are hijacked by the cyber-squatters because this was the first and only domain name case in Indonesia and they also took this case as a lesson in determining what they should do against the cyber-squatters that threatening to the business.

However, we may say that the most interesting part about this case was the reporting of this case as a criminal case, not a civil case. The background of this case is as below. PT. Mustika Ratu is a local famous traditional herbal manufacture that uses “Mustika Ratu” as their trademark and trade names. Their products have been distributed well all over the world. Chandra Sugiono (the accused) found out that the domain names of ‘mustikaratu.com’ (complete and unseparated words/ without underscore) is owned by an individual in United States and further he found that the domain names of ‘mustika_ratu.com’ was still available. Then the accused took this chance to register the said domain names as his domain name with NSI (Network Solution, Inc.). The case became more complicated when, according to PT. Mustika Ratu allegation, PT. Mustika Ratu were informed that the domain name was also used as a marketing of PT. Mustika Ratu’s head to head competitor manufacturer.

Learning this situation, then PT. Mustika Ratu decided to report the case to the Police and filed the said case as a criminal case. As we have stated previously that since Indonesia still does not have any laws or regulations governing this domain name, but in the other hand PT. Mustika Ratu has to bring a legal bases on their claim, therefore PT. Mustika Ratu had decided to use ‘unfair competition’ that is provided under article 382 bis of the Indonesian Penal Code as their legal basis to file a criminal charges against the accused.

Article 382 bis of the Indonesian Penal Code states as below:

“Any person who, in order to establish, to retain or to expand the sale of his trade or business or those of the trade or business of another, commits a fraudulent act of misleading the public or a certain person, shall, if there from some loss for his competitors or competitors of the other person may arise, being guilty of unfair competition, be punished by a maximum imprisonment of one year and four months or a maximum fine of nine hundred rupiahs”.

This case was heard at the Court for almost one (1) year and then the Judge came into a decision that the elements of the unfair competition that is stated in article 382 bis of the Penal Code could not be proven satisfactorily therefore the Judge entered a decision in favor of the accused.

Unlike the common law countries, we (Indonesia) do not have a ‘precedent’ principle. However, it must be admitted that in the practice this decision has weaken the trademark owner’s (infringed) desires to enter the lawsuit against the cyber-squatters (infringer). The decision of this case was against the common decision in other countries where usually the Court decides the case in favor of the trademark owner. We understood that in other countries this case usually entered as a civil case, not a criminal case. However, in our opinion we believe that there are two (2) reasons why PT. Mustika Ratu reported and filed this case as a criminal case.

First of all, at the time when this case was filed Indonesia still did not have the antitrust and unfair competition act. Therefore PT. Mustika Ratu used the available article that is provided under article 382 bis of the Penal Code. Second of all, is about the condition in our country where in practice, the practitioners have different perceptions either which one is supposed to be entered firstly between civil and criminal law. Some say the criminal law should come first, some say that civil law maybe entered without entering the criminal law and some say that both could be entered at the same time. In this case, the prosecutor followed the first opinion where the criminal charges should be entered first and then its decision can be used to support or strengthen the civil case in order to obtain reasonable and higher potential damages. That was why this case is entered in the field of criminal law.

As the consequences of ‘mustika_ratu.com’ decision, many of the trademark owners whose trademarks have been registered by cyber-squatters have not brought a lawsuit against the said cyber-squatters yet. The trademark owners maybe have an opinion that if they enter the lawsuit at this moment then they predict that the decision for their cases will not be different with ‘mustika_ratu’ case because it can be said that the unfair competition that is provided in the article 382 bis of the Penal Code is only the ‘lex generalist’. In the other hand the ‘lex specialist’, which is e-commerce or internet law, is not yet been amended.

Many of the trademark owners, whose domain names are hijacked by the cyber-squatters, will be waiting for the realization of the said ‘lex specialist’ to be used as their legal base in order to win the case and this only with a notation where the said ‘lex specialist’ must be said specifically in its article that it (‘lex specialist’) can be used as a legal basis for anti-cybersquatting cases those happened before the commencing date of the said ‘lex specialist’. If the future ‘lex specialist’ on the contrary does not specifically specify it then as the consequences the said trademark owners cannot use the said ‘lex specialist’ as their legal basis to enter a lawsuit against the cyber-squatters.     

On the contrary, the cyber-squatters in Indonesia will be advantaged by the decision of ‘mustika_ratu.com’ case. This situation is really threatening and as the consequences it can be guaranteed that the cybersquatting will be increasingly happened in Indonesia.

 

This case happened in 2001, before UU ITE. If this case happened after UU ITE, here are my analyses:

a.       Pasal 23, 24, and 25 (Article 23, 24, 25) UU ITE about Nama Domain, Hak Kekayaan Intelektual, dan Perlindungan Hak Pribadi (Domain Name, Intellectual Property, Rights and Personal Protection) states:

Pasal 23

(1)   Setiap penyelenggara Negara, orang, Badan Usaha, dan/atau masyarakat berhak memiliki Nama Domain berdasarkan prinsip pendaftar pertama.

(2)   Pemilikan dan penggunaan Nma Domain sebagaimana dimaksud pada ayat (1) harus didasarkan pada iktikad baik, tidak melanggar prinsip persaingan usaha secara sehat dan tidak melanggar hak orang lain.

(3)   Setiap penyelenggara Negara, orang, Badan Usaha, atau masyarakat yang dirugikan karena penggunaan Nama Domain secara tanpa hak oleh orang lain, berhak mengajukan gugatan pembatalan Nama Domain dimaksud.

Article 23

(1)   Each State organizer, people, enterprises, and/or society is entitled to have the Domain Name based on the principle of the first registrants

(2)   The ownership and the using of Domain Name as referred to in paragraph (1) shall be based on good faith, does not violate the principle of fair business competition and doesn’t violate the rights of others

(3)   Each State organizer, people, Enterprises, or society who are disadvantaged due to the use of the Domain Name without right by others, have the right to bring the lawsuit to referred Domain Name

Pasal 24

(1)   Pengelola Nama Domain adalah Pemerintah dan/atau masyarakat

(2)   Dalam hal terjadi perselisihan pengelolaan Nama Domain oleh masyarakat, pemerintah berhak mengambil alih sementara pengelolaan Nama Domain yang diperselisihkan.

(3)   Pengelola Nama Domain yang berada di luar wilayah Indonesia dan Nama Domain yang diregistrasinya diakui keberadaannya sepanjang tidak bertentangan dengan Peraturan Perundang-undangan.

(4)   Ketentuan lebih lanjut mengenai pengelolaan Nama Domain sebagaimana dimaksud pada ayat (1), ayat (2), dan ayat (3) diatur dengan Peraturan Pemerintah.

Article 24

(1)   Domain Name is manage by Government and/or public

(2)   If there is a dispute in manage the Domain Name by the public, government has the right to take over manage the dispute Domain Name temporarily

(3)   The manager of Domain Name which is outside the territory of Indonesia and registered to the extent not contrary to the legislation

(4)   Further provisions on the management of the Domain Name as referred in paragraph (1), paragraph (2), and paragraph (3) is regulated by Government Law.

Pasal 25

Informasi Elektronik dan/atau Dokumen Elektronik yang disusun menjadi karya intelektual, situs internet, dan karya intelektual yang ada di dalamnya dilindungi sebagai Hak Kekayaan Intelektual berdasarkan ketentuan Peraturan Perundang-undangan.

Article 25

Electronic Information and/or Electronic Document which is compiled become intellectual property, Internet sites, and Intellectual works that are in it are protected as intellectual property rights under the provisions of legislation.

UU ITE above concern about the law of Domain Name generally. The detail about this law is in PP No. 82 Tahun 2012.

b.      Pasal 79 PP No. 82 tahun 2012 Tentang Pengelolaan Nama Domain

Pasal 79

(1)   Nama Domain yang mengindikasikan Instansi hanya dapat didaftarkan dan/atau digunakan oleh Instansi yang bersangkutan.

(2)   Instasi wajib menggunakan Nama Domain sesuai dengan nama Instansi yang bersangkutan.

Article 79

(1)   Domain Name which indicates the agency can only be registered and/or used by the concerned agency

(2)   The agency must use the Domain Name in accordance with the name of the concerned agencies

c.       With these laws, Tjandra Sugiono should be reporting as a civil case, not as a criminal case.

d.      The next step in analyze, we should investigate the purposes of Tjandra Sugiono registered domain named “mustikaratu.com”

 

6.                  Summary and Recommendation

Technology is the main involving factor in every part of human life. The growth of technology is multiply nowadays. We need specific UU as our law bases in business. UU ITE No. 11, 2011 states the law generally and specific-less about Electronic transaction especially in Business perspective. To develop suitable in Electronic Transaction in Indonesia need some research and discussion with different profession. To protect our business from cyber-crime besides the law, we should develop cyber-defense system in our company.

There isn’t the clear boundary to process the cyber-crime as a crime case or civil case. Technology will grow faster than before; we need government to make a bill of act to protect from cyber-crime in Indonesia. It is understandably that there are some weaknesses in UU ITE, because it is the first Indonesian law governing electronic transaction. Contribution of every stakeholder in formulating Cyber-Law from many perspectives will make the UU better and better.

 

References

 

Undang-Undang Republik Indonesia Nomor 11 Tahun 2008 Tentang Informasi dan Transaksi Elektronik (UU ITE)

Peraturan Pemerintah Republik Indonesia Nomor 82 Tahun 2012 Tentang Penyelenggaraan Sistem dan Transaksi Elektronik

Prof. Richardus Eko Indrajit, Meneropong Isu Keamanan Internet Aspek Teknis, Bisnis, dan Sosial, IDSIRTII (Journal)

Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM, Cubersecurity: Governance, Risk Management & Assurance, Sekolah Teknik Elektro dan Informatika, Institut Teknologi Bandung, 2011

Hemraj Saini, Yerra Shankar Rao, T.C.Panda/International Journal of Engineering Research and Application (IJERA), vol. 2, issue 2, Mar-Apr 2012, pp 202-209, Cyber-Crimes and their Impacts: A Review

http://nur4ini.blogspot.com/2013/05/beberapa-kasus-bisnis-crime-di-indonesia.html

http://biruteknologi.blogspot.com/2013/04/dampak-positif-dan-negatif.html

http://www.hukumonline.com/klinik/detail/cl294/definisi-kejahatan-dan-jenis-jenis-kejahatan-internet

http://www.hukumonline.com/klinik/detail/cl3077/cara-pembuktian-cyber-crime-menurut-hukum-indonesia

http://www.hukumonline.com/berita/baca/lt50fbf2d9b6fee/indonesia-bersiap-masuki-dunia-cyber

http://www.hukumonline.com/berita/baca/hol4153/kasus-idomain-namei-bisa-diproses-dengan-uu-merek-baru

Iwan Sumantri, Wakil Ketua ID-SIRTII/CC, Indonesia Security Incident Response Team On Internet Infrastructure

RSA White Paper, The current State of Cybercrime 2013, An Inside Look at the Changing Threat Landscape

By: Suziane

1. Introduction

Culture is a set of norm, moral, value, and customs (rules) that belong to human that used also for interpreting the environment and used to create the behavior. Corporate is a community that consist group of people act as single entity and recognized as such in law, where there is a border as the activities arena and there are some roles that followed by rules. Corporate culture is a set of norm, moral, value, and rules conduct the behavior of individual in the corporate.

Corporate culture is the personality of the organization. The primary goal of corporate is shareholder wealth maximization. Shareholders are members of society; therefor corporate should have responsibilities to society at large and behave ethically. Negative publicity often leads to negative impacts on a corporate. All of the members shared beliefs, values, and behaviors, and then will be a default character and make the culture difficult to change. In this paper I will explain about corporate culture from some opinions and the changes of corporate culture.

2. Corporate Culture in some opinions

Corporate Culture expressed in the day-to-day practices, communications, and beliefs and resulting with a vision that everyone understands to which everyone is committed. Definition of corporate culture from some opinions:

“Culture can be described in a circular fashion where philosophy expresses values; values are manifest in behavior; and behavior gives meaning to the underlying philosophy. Philosophy, values, and behavior describe an organization’s culture and culture is the glue that holds the organization together.” (DeWitt, 2001)

“It is dynamic and fluid, and it is never static. A culture may be effective at one time, under a given set of circumstances and ineffective at another time. There is no generically good culture. There are however, generic patterns of health and pathology.” (Hagberg & Heifetz, 2000)

“Culture is the shared beliefs, values, and norms of a group and it includes: (1) the way work is organized and experienced; (2) how authority exercised and distributed; (3) how people are and feel rewarded, organized, and controlled; (4) the values and work orientation of staff; (5) the degree of formalization, standardization, and control through systems there is/should be; (6) the value placed on planning, analysis, logic, fairness, etc.; (7) how much initiative, risk-taking, scope for individuality, and expression is given; (8) rules and expectations about such things as informality in interpersonal relations, dress, personal eccentricity, etc.; (8) differential status; (9) emphasis given to rules, procedures, specification of performance and results, team, or individual working.” (BOLA, 2001)

In my opinion corporate culture is set of written and unwritten rules that conduct the members of corporate to behave and beliefs, which set by the leader of the corporate to achieve the vision and mission. Corporate culture impacted by the environment (social, politic, and leadership conditions). In many corporates, corporate culture usually changes based on the corporate business condition.

Some of the causes of profitability and responsiveness issues are found in the cultures of the corporate. We need to identify and understanding key attractors and drivers of the corporate culture to overcome the problems. Some of the issues that can be solved by understanding the corporate culture are: (1) hiring the suitable employees for the corporate; (2) creating policies and assignments; (3) making significant changes in response to real threats to its continued existence; (4) facilitating mergers, joint ventures, and acquisitions; (5) increasing profitability and growth.

3. Changes The Corporate Culture

It is not a piece of cake to change the corporate culture. It should be undertaken lightly. “For change to be successful here needs to be a compelling reason to change, a clear vision of what the change will be, and a sensible first step.” (Tribus, 2001). Culture changes require consistency of message, goal, direction, and leadership to succeed. This changes requires a strong leader who knows where they want the company to go, why they want it to go there, can articulate both these points, and who has the power to drive the change throughout the organization.

“Leaders of organizations must lay value foundations, cultural anchors, and behavioral guidelines so that growth and development are harmonious and congruent, and not mechanistic, haphazard, harmful, or destructive. Creative conflict and patterned disequilibrium are the paradoxical dynamics for culture, development, and growth in organizational life.” (Stupak, 1998) Changing the corporate culture is an expensive and long process without guaranteed results. The easiest way to change the corporate culture is to fire everyone and hire the new staff, and implement the new culture to the new staff, because change the mature staff is more difficult than teaching the new staff.

If the business of the corporate uses skilled-employees, the leader can’t to replace the employees with the new one. Because the value of the company from their employees. This situation needs adaptability process and consistency goal set of the corporate. In my opinion, every corporate should develop the employees to have the adaptability competence, resulting flexibility. In other hand, every corporate should develop the employees to have the consistency and understanding of the vision, mission, and value of the corporate. With these consistency and understanding, the employees have the integrity to the corporate.

The changes of corporate culture should be causes of some important reason. Tan (2001) outlines four instances: (1) when two or more companies of varied backgrounds merge and continuous conflict among people of different groups are undermining their performance; (2) when an organization has been around for a long time and its way of working are so entrenched that is hindering the company from adapting to changes and competing in the marketplace; (3) when a company moves into a totally different industry or areas of business and its current ways of doing things are threatening the survival of the organization; (4) when a company whose staff are so used to work under the favorable conditions of economic boom but could not adapt to the challenges posed by an economic slowdown.

4. Conclusion

Culture is important part of the corporate’s environment. Culture affects the performance of the corporate, because culture is set of norm, moral, value, and rules that will be become the behavior of the employees to achieve the corporate’s goals. Goals set by the leader, and the culture should be also set by the leader.

In some conditions, corporate culture should be changed to face corporate business condition. Changing corporate culture should be done carefully. We must identify exactly the reason, the attractor, and the key of the corporate culture itself. The most important thing in changing corporate culture is should be suitable with the corporate goals.

References

Joanne Mowat, the Herridge Group, Corporate Culture, 2002. (Journal)

Bambang Rudito, cross cultural relationship, Corporate Culture, 2013. (Business Ethics Lecture slide)

Hoollaa…..

Ga kerasa ternyata udah lama juga nulis-nulis di sini. Padahal banyak yang ingin diceritain. Alasannya selalu standard a.k.a “ga ada waktu”. Padahal kalau bisa disempatin sih bisa-bisa aja.

Update cerita dulu deh. Dari 2 tahunan yang lalu tepatnya Januari 2013, Zia resmi terdaftar sebagai mahasiswa MBA ITB. Finally, keinginan buat melanjutkan pendidikan S2 tercapai juga. Syukurillah walhamdulillah. Selama kuliah banyak banget ilmu, teman, guru, dan pengalaman yang didapatkan, yang akhirnya zia lulus tanggal 27 Maret 2015. Di ijazahnya tertulis 27 Maret 2015. Seneng banget… Soalnya tepat 9 (sembilan) tahun yang lalu pada tanggal yang sama adalah di saat Mr.Pipu menawarkan diri menjadi pasangan zia. Hahaahahahah…

Setiap tanggal 27 Maret terasa menjadi hari yang spesial, termasuk dengan dinyatakan lulus kuliah S2 pada saat itu. Hari spesial akademis bertepatan dengan hari spesial hati. (lebay.com).

Bicara tahun 2015 juga menjadi pembicaraan spesial buat zia. Pada tahun ini juga zia tepat berumur 30 tahun (pyyuuhh..udah tua). Semuanya menjadi terasa spesial.

Angka 27 yang selalu menyenangkan (2+7=9) pertanda kesempurnaan, Maret adalah bulan kelahirannya Mr.Pipu, dan 2015 sebagai gerbang masuk ke kepala 3. Hal ini semakin memacu untuk berpikir semakin matang dan dewasa (walaupun wajahnya masih dianggap kayak anak kecil).

Doa zia di tahun ini (walaupun udah telat start berdoanya di pertengahan tahun sih, tapi gpp, masih ada setengah tahun lagi yang bisa dijalani with no regret): Semoga zia sebagai rainbow seeker bisa menemukan rainbow yang selama ini dicari. (hahahahahha…apa sih…)

Udah cukup… Ini cuma kata pembuka kok, berhubung udah lama ga nulis di sini.. Skip aja bacanya…

wkwkwkwkwkwkkwkwkw……

Posted on: January 11, 2014

Hahahhahahahahaha…. – at Sun Royal Hotel Bali with mayang and Chicha

See on Path

Posted on: January 10, 2014

Hihihihihihi…… – at Istana Plaza (IP) with Didik

See on Path

Posted on: January 9, 2014

Kabita jadi na… Hikz…. – at Kedai Mamah Eha 2 with Didik

See on Path

Posted on: January 9, 2014

Intip2….hihihihiihihihi….. – at Toserba YOGYA with Didik

See on Path

Big Honey Girl Bee


Become usefull like a bee

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 2,322 other followers

Archives

My TwiTTer

Follow

Get every new post delivered to your Inbox.

Join 2,322 other followers